Posted 7 months ago #
My wordpress blogs are frequently getting hacked. I have a strong admin and server password. I also have the latest WP 3.2.1, still its getting hacked. Latest hack is by someone called FEnr.
index.php as renamed to index.php1 . The hacker put a new index.php with message Hacked By FEnR and some images. The could not find any other changes elsewhere. I dont know whether is the hole in WP core engine or some plugins. Hope someone can give an insight into this.
TIA,
Paul
It's not WP core and it's probably not a plugin either. If they're renaming your index file, then they have access to the file system which means they have the password you use to FTP into your site.
Read http://codex.wordpress.org/FAQ_My_site_was_hacked
And change ALL your passwords.
Posted 7 months ago #
Hi Ipstenu,
I have strong passwords which I change frequently. My doubt is some code injection is happening which in turn is renaming the files.
Posted 7 months ago #
Also I have others sites in the same server which I built in PHP and MySQL. Hacking happens frequently only to WordPress site. Thats what I am concerned..
You can run http://wordpress.org/extend/plugins/wp-security-scan/ and check your site on http://sitecheck.sucuri.net/scanner/
However there is no known security hole in WP at this time. A plugin is more likely, but even then it's not as high risk as all that.
Your WP site is being targeting because it's WP and people target that.
You must log in to post.
