WordPress.org

Ready to get started?Download WordPress

Forums

WordPress MU Domain Mapping
Domain Mapping plug-in being hacked by Indonesian hackers (2 posts)

  1. tonyzeoli
    Member
    Posted 2 years ago #

    Hey everyone,

    I have a WordPress site that's been hacked twice now through sunrise.php and domain-mapping.php. There is a security exploit somewhere. Both times I've been hacked, I've had to clean up the top level directory of files placed by the hacker and update to a clean install of WordPress. I kept on trying to figure out why that wouldn't clear out the hack, then I replaced sunrise.php and domain-mapping.php and the hack disappeared.

    Unfortunately, I overwrote the files without saving them down to look at them, but I know that that hack disappeared once I overwrote those files with new ones.

    Someone needs to look into this asap. I'm not sure if it's an exploit in domain mapping or somewhere else, but that's what I've been experiencing, so it should be something that someone looks into for sure.

    Tony Zeoli

    http://wordpress.org/extend/plugins/wordpress-mu-domain-mapping/

  2. Ron Rennick
    MultiSite Guru
    Plugin Author

    Posted 2 years ago #

    Just because that was the file that had the extra code doesn't mean that is the file/method they used to gain access.

    The hacker was probably using that file because it's one people might not think to check.

    My first recommendation would be to change all of the passwords you can. (Depending on your hosting you may not be able to change your DB password.) And, when you change them, don't use the same password twice.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic