WordPress.org

Ready to get started?Download WordPress

Forums

wordpress security issues (3 posts)

  1. zarkas
    Member
    Posted 1 year ago #

    Almost all my blogs have been infeced with "malware" lately. seems to be 2 different types.

    1. strange random filenames such as fw432desde.php appears in my root directory, my wordpress index.php file and theme files get affected with either some eval code, or links are inserted in hidden positions.

    2. additional text and links are added to the bottom of some of my posts.

    Anyone got some more information about these two types of malware? and could someone recommend good plugin to help prevent these things, I have better wp security installed but that doesn't seem to do the job.

  2. Rev. Voodoo
    Volunteer Moderator
    Posted 1 year ago #

    WordPress itself has no known security vulnerabilities at this time. Hackers can get in by weak passwords, infected computers, bad plugins or themes, improper server configurations, etc. Many ways.

    You need to start going through these resources:

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress

    Which can shed some light on what happened, and how to fix and harden WordPress. Plugins don't usually 'stop' hackers - they just wind up telling you after somethign happened.

    Plus, once you've been hacked, your entire hosting account is vulnerable, so anything you have installed is probably hacked. And backdoor files get inserted - so hackers have access until you completely clean everything

  3. zarkas
    Member
    Posted 1 year ago #

    Thanks for the fast reply Rev Voodoo, i'll take a look at those links

Topic Closed

This topic has been closed to new replies.

About this Topic