WordPress.org

Ready to get started?Download WordPress

Forums

Someone got into my admin panel ! (12 posts)

  1. creobic
    Member
    Posted 8 years ago #

    hi guys i got a lot of problem yesterday night. Someone hacked my admin panel and put some script in my template. I have cleaned all scripts and links which was writen to my blog. Bu now, i am not sure if that problem is going to alert me again ? Can you guys tell me how can i feel safe.. ?

  2. Mark (podz)
    Support Maven
    Posted 8 years ago #

    It was probably a server hack involving programs other than WP.
    Check with your host to see if others have had this problem.
    Change all your passwords.
    Backup everything.
    Check server logs for anything suspicious.

  3. creobic
    Member
    Posted 8 years ago #

    Its not a server hack, Its only about my wordpress sites. I have changed passwords but havent backed up yet. I will do it today. Should i update or download anything special ? cuz my sites have installed with the latest versions of WP. Or what should i do to be more safe ?

  4. Mark (podz)
    Support Maven
    Posted 8 years ago #

    "Its not a server hack,"
    How do you know that for absolute certainty ?

  5. creobic
    Member
    Posted 8 years ago #

    Sorry but i got 7 sites woring with WP and all of them are hacked, Not my other php sites.. what should i think ?

  6. Mark (podz)
    Support Maven
    Posted 8 years ago #

    7 hacked sites - you have emailed your hosts urgently ?

  7. creobic
    Member
    Posted 8 years ago #

    Yes i did.. They said there must be something about your admin panel security...

  8. creobic
    Member
    Posted 8 years ago #

    Is it possible for hackers to get in to my admin panel that easy ? Can it be about CHMOD 666 ?

  9. tomhanna
    Member
    Posted 8 years ago #

    They didn't necessarily have to get into your admin panel to modify files. It could be about poor password security. It could be about another security problem on the server. It could even be one of those other PHP programs let them in, but it was your blogs that they wanted to deface.

  10. Mark (podz)
    Support Maven
    Posted 8 years ago #

    There are others here that know more about security - I speak from time here and running my own sites.

    The weakest link is your password into your blog. I deal with an amazing amount of blogs which have the same login for the blog / cpanel / ftp / mysql etc etc. So if you had the same pw for 7 sites, that could be the issue.

    Your host will say that anyway. (Who IS your host ?) It's a lazy way of doing nothing and blaming someone else.

    666 ? Files should be okay at 664 but even so, whoever did this had access first - and I still say that it is 99% more likely that this is unrealted to WP but they picked on those pages because they are public.

    1 - Who is your host ?
    2 - Backup
    3 - Consider finding another host.

  11. uberwerks
    Member
    Posted 8 years ago #

    Sorry, but I find it hard to believe that all 7 websites are "hacked" and caused by WP. No way. You sure it's not a friend of yours messing around w/ you? Got to be something like your host or someone you know, or someone has guessed your password...but no way it's WP.

  12. Ment0r
    Member
    Posted 8 years ago #

    agreed. if there would be some exploit for wp around there would be probably more defaces going on then just at your end.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.