Possible Site Hack?

  • thelazygeisha

    (@thelazygeisha)


    15 years, 9 months ago

    Hi guys,

    I notice someone attempting to get into password protected content on my site by entering the following URL:

    htp://domain_name.com/wp-pass.php

    When I enter that URL it brings me to my Admin login page. Is there any way for some random surfer to access this file, and any idea why they might be doing so? It would seem to me that whomever this is they have a working knowledge of WP. I blocked their IP address at the server level, but now I’m concerned about security. If anyone can shed light on why someone might attempt this route, or if this is just something that normally happens with WP, I’d appreciate it.

    Thanks much,

    nina

Viewing 4 replies - 1 through 4 (of 4 total)
  • Roy

    (@gangleri)

    15 years, 9 months ago

    If I’m not mistaken the wp-pass file contains your password. There’s litle use to try to access it directly, since it’s a PHP file which has to be processed, but doesn’t, only if your PHP malfunctions. (Even a simple “save as” will in 99% of the case result in an empty file. It seems to me like a very far shot of some kiddo trying out a few things on a few WP sites.

    As for myself, I use the Ask Apache Password Protect plugin so there’s no direct accessing of such files or folders such as wp-admin or wp-content.

    whooami

    (@whooami)

    15 years, 9 months ago

    If I’m not mistaken the wp-pass file contains your password.

    youre mistaken 🙂

    Roy

    (@gangleri)

    15 years, 9 months ago

    Right. Can’t get to my files from work…

    wp-pass.php
    Accepts the password needed to view password-protected posts, then redirects back to the protected post.

    Anyway, could the person trying, be thinking of something like this?
    That’s an ages old hack, right?

    Thread Starter thelazygeisha

    (@thelazygeisha)

    15 years, 9 months ago

    @ Gangleri

    Hmmm, so this was something in the 2.2+ series? Interesting. Tho, my understanding is that all site PW were hashed and stored in one of the database tables, so my initial panic was just that, panic. I was just curious as to why on earth anyone would try to be direct entering a url to a php file — I mean, I know it’s a server side language — but it was late and I was somewhat bleary. I was really just curious about some other hole I might not have been aware of.

    @ Whoo

    Hey there! (waves)

    Thanks much for the answers!

    nina

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Possible Site Hack?’ is closed to new replies.

Tags