WordPress.org

Ready to get started?Download WordPress

Forums

WordPress Intrusions? (2 posts)

  1. fraguada
    Member
    Posted 4 years ago #

    http://www.livearchitecture.net
    Hello all. This is the first time posting an issue here. I have had some strange behavior on our site lately (above). Browsers began to say that our site is a phishing site. I found something at the end of our index.php which was essentially a link to (sorry I deleted the full line of code).

    "http://www.freeguard.biz/j100coock.js"

    If I delete this, its fine for a bit, but eventually comes back. My .htaccess file looks like this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    Any help in eradicating this would be greatly appreciated!

  2. Nice website but as you said, the "bad thing" is still there. Here's some steps to try, which you might have begun or tried already.

    The problem with file based compromises is that if you run on a shared host, it might not be your installation but a neighbor on the same box. Or another set of software you are using.

    First things first: make a full backup of your database and files and put that somewhere safe. Get ready to be able to restore as a safety net.

    http://codex.wordpress.org/Backing_Up_Your_Database
    http://codex.wordpress.org/WordPress_Backups
    http://codex.wordpress.org/Restoring_Your_Database_From_Backup

    Get fresh copies of WordPress http://wordpress.org/download/ as well as your theme http://graphpaperpress.com/2008/06/02/f8-remixed-portfolio-theme-for-wordpress/ and fresh copies of all of your plugins.

    Now give this a good read

    http://codex.wordpress.org/FAQ_My_site_was_hacked

    From that FAQ I find these to be really helpful

    http://ocaoimh.ie/did-your-wordpress-site-get-hacked/
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

    After you've put on fresh copies and de-loused your blog, harden the file and directory permissions:

    http://codex.wordpress.org/Hardening_WordPress#File_permissions

    Hardening the directories and files might interfere with plugin updates as well as uploads. Once your blog is clean and stays clean you can play with the file permissions to make your blog friendlier to updates and uploads.

    If you make any gross mistakes you can put it back via a restore and start over again.

    Good luck.

Topic Closed

This topic has been closed to new replies.

About this Topic