WordPress.org

Ready to get started?Download WordPress

Forums

Site Hacked (6 posts)

  1. sincewelastspoke
    Member
    Posted 2 years ago #

    Hi,

    My site was hacked recently.

    The attackers got in through 'archive.php' in my 'twentyeleven' theme.

    I just thought I'd post this in case it happens to anyone else.

    Hope this helps.

    Thanks,

    Michael

  2. esmi
    Forum Moderator
    Posted 2 years ago #

  3. The Hack Repair Guy
    Member
    Posted 2 years ago #

    Hi,
    It's more likely that a hacker specifically hacked that file, so you would be less likely to find it.

    I've worked with hundreds of websites all around the world who have used that theme and my experience says that file is not a hacker file.

    You can confirm this by downloading a virgin copy of the theme and compare yours with the original (and I believe you'll see your post is in error).

  4. adpawl
    Member
    Posted 2 years ago #

    @THRG is right, wp-archive can be a victim, but rather not a gate.
    You should check files by modification time - look them in server log. Also check for files which is not in the original wp package.

  5. sincewelastspoke
    Member
    Posted 2 years ago #

    @THRG Thanks, but 'twentyeleven' remained untouched from upload to my server. It's exactly as WP made it. It was just there as a 'virgin' itself.
    My active theme is another one entirely.

  6. The Hack Repair Guy
    Member
    Posted 2 years ago #

    I recommend deleting all inactive themes and plugins.

    Themes and plugins are easy enough to reinstall if needed in future. Leaving old themes or plugins installed may degrade the security of your website (so why take a chance...).

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.