WordPress.org

Forums

WordPress › Support » How-To and Troubleshooting

Security breach (JavaScript inserted) (3 posts)

  1. 2biazdk
    Member
    Posted 1 year ago #

    Hi guys,

    My client, JudithKrautwald.dk, has now several times experienced some kind of 'hacking' of her websites, where a few lines of JavaScript code is inserted on the bottom of some JS-files.

    [ Don't post malware code here. If you must the use pastebin.com instead. ]

    How can I prevent this from happening? Is it due to a plugin with a security breach?

    My plugins are:

      Admin Bar Removal
      Akismet
      BulletProof Security
      Custom Login Logo Lite
      Disable WordPress Widgets
      Google Analytics
      Google XML Sitemaps
      Remove posts from wp-admin
      TinyMCE Advanced
      Tiny MCE Tabfocus Patch
      uBillboard

    Thanks in advance!

    Kind regards,
    Tobias

  2. kmessinger
    Volunteer Moderator
    Posted 1 year ago #

    Please do not post malware code here.

    Notify your host ASAP.

    Follow all this information.
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

    For checking site.
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/

  3. towonder
    Member
    Posted 1 year ago #

    Is everything up to date?

    If so, check your database to see if they added extra users or malicious content. Change the passwords to your FTP server, WordPress installation and database. Remove your admin account and create a new administrator with a lesser obvious name. Make sure your passwords are also 'strong'.

    Check the permissions (the chmod) on your folders. The only folder that might be '777' is wp_content/uploads. Other folders should be 755 or 765.

    If you want to be really safe; re-install the core. Choose a different database prefix.

    If the problem reoccurs; contact your host. There are a lot of good WordPress-minded hosts out there. A great check to see if your host is a terrible combination with WordPress is to try and update plugins or the core using the admin interface; if WordPress asks for your FTP-settings it's probably not a great host.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags