Forums

WordPress › Support » How-To and Troubleshooting

Upload Hacked (4 posts)

  1. SyCo123
    Member
    Posted 1 year ago #

    I was using version 2.8.4 and noticed none of the images were showing in my posts. In the status there were numerous attempts to connect to a website g-oogl-e.com. I tracked this down to an .htaccess file that now exists in the uploads>YYYY>MM folder.

    I'm unable to delete it (permissions issue) and have contacted my host to remove them. One exists in every month folder. I'm trying to work out how the files were put there. I'm presuming through the wordpress interface as none of the other folders in my website are affected by this.

    Anyone heard of this or had any experience with it?

  2. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    Your site may well have been hacked.

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

  3. SyCo123
    Member
    Posted 1 year ago #

    It was undoubtedly hacked, but how? How was a .htaccess file uploaded to an image directory? I can't imagine an uploader allows that kind of file.

  4. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    Once a hacker has access to the server s/he doesn't need an uploader. They can run any scripts they want.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.