WordPress Hacked | WordPress.org

johndublin
(@johndublin)

15 years, 5 months ago

Hi there,

quick question to those in the know, my website was hacked recently, I was using the most recent version, before the snoopy.php update, my webhost shut down my site until the attacks stopped.

It seemed someone created a folder called /mydomain.com/ser and was using my site as a proxy so somone with an IP in Irian could look at porn….

Can someone tell me if the flaw found in the version before snoopy.php 2.6.2 was the cause – or the possible cause, as I am very worried it could be something else on wp causing it. I asked if it could be a wp plugin and host support said no…

Any ideas?

Viewing 4 replies - 1 through 4 (of 4 total)

unixgolf
(@unixgolf)

15 years, 5 months ago

Are you positive it is WP that allowed for the hack, and not a setup issue on your backend?

Thread Starter johndublin
(@johndublin)

15 years, 5 months ago

It could well be, hosting company not 100% clear, but kept indicating that it was most possibly WP, I am now very worried, as I dont know much about code really. They mentioned that alot of open sourse software is open to this, the only other software I run is VB – which they said was deffo not the issue

Jeremy Clark
(@jeremyclark13)

15 years, 5 months ago

Usually with the right permissons on the server, wordpress can’t create folders outside of the wp-content folder. So most likely a setup problem.
Resources:
http://codex.wordpress.org/Hardening_WordPress#File_permissions
http://codex.wordpress.org/Changing_File_Permissions

Thread Starter johndublin
(@johndublin)

15 years, 5 months ago

mank thanks jeremy

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘WordPress Hacked’ is closed to new replies.

In: Fixing WordPress
4 replies
3 participants
Last reply from: johndublin
Last activity: 15 years, 5 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics