[SERIOUS] numerous hacking attempts
-
I have a really serious problems with my WordPress site.
It has been at least 4 times in last 7 days. I am running latest version, 2.6.1 with minimum plugins. All the hacks took a different form:
1) complete redirect to another site
2) changed links in posts / pages to another site
3) theme changes, added malicious codes and ad scripts
4) various files uploaded on the serverI am pretty sure there are some undocumented exploits being actively used to hack my site. I was running 2.3 version before and thought that upgrading to latest version will fix everything, but it didn’t change anything at all.
I manually removed user “WordPress” from table wp_users, which was somehow added and not listed in the Users page. This account had most likely admin priviledges. I have no idea how he was able to add it to the database.
Few minutes ago, I wasn’t able to login into wp-admin folder – it always redirected back to root. I checked .htaccess and it was altered by someone.
I also found these files in wp-content/uploads:
hlaccess.php
js_cache/tinymce_0545a56e85e54f37b23350e9b20137b3.gz (74632 B)
js_cache/wp-load.phpI edited all files with CHMOD 777 to 644 so noone can edit them without access to server/FTP.
I changed my pass 3 times in last few days.
I am quite desperate right now feeling that I have almost no power over my website. I am seriously considering moving to another platform or self-written CMS, however it’s not an easy process with 400 000 comments and 10 000 posts.
List of active plugins: Democracy, Email Users, Math Comment Spam Protection, Feedburner Feedpress, Paged Comments, Wp SuperCache.
Please help me if it’s possible…
- The topic ‘[SERIOUS] numerous hacking attempts’ is closed to new replies.