wordfence .htaccess file have been hacked

  • rcampoamor

    (@rcampoamor)


    9 years, 1 month ago

    looks like this happened a few hours ago:

    Modified plugin file: wp-content/plugins/wordfence/tmp/.htaccess
    Filename: wp-content/plugins/wordfence/tmp/.htaccess
    File type: Plugin
    Issue first detected: 7 mins ago.
    Severity: Warning
    Status New
    This file belongs to plugin “Wordfence Security” version “5.3.6” and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don’t manage their code correctly. [See our FAQ on http://www.wordfence.com for more info]

    THe usual russian hackage:

    The Original Version of the file

    [hacked site code removed]

Viewing 4 replies - 1 through 4 (of 4 total)
  • wslade

    (@wslade)

    9 years, 1 month ago

    Do you have a question? Or is this meant for general information?

    Lady_K

    (@lady_k)

    9 years, 1 month ago

    Please please please help me 🙁

    http://watchthisbrand.co.za/wp-login.php redirect_to=http%3A%2F%2Fwatchthisbrand.co.za%2Fwordpress%2Fwp-admin%2F&reauth=1

    I cannot access the login, somehow the homepage has redirected itself and included an additional | wordpress | ?

    <!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>
    <html><head>
    <title>404 Not Found</title>
    </head><body>
    <h1>Not Found</h1>
    <p>The requested URL /wp-login.php was not found on this server.</p>
    <p>Additionally, a 404 Not Found
    error was encountered while trying to use an ErrorDocument to handle the request.</p>
    </body></html>

    That is just the tip of the iceberg here…

    http://watchthisbrand.co.za – instead of arriving on the homepage you arrive on a white page with 4 links:

    Index of /

    .htpasswds/
    cgi-bin/
    makeFame/
    wordpress/

    SSSSTTTTTRRRRREEEEEEEEESSSSSSSSSSSSSS! How do I get rid of that???

    Lady_K

    (@lady_k)

    9 years, 1 month ago

    Actually a much better idea… how do I uninstall everything and start at the very beginning, new theme, no plugins (bain of my life) and the opportunity to login, verify etc etc like a nice, behaving – not – broken – website?

    Please. Thank you. 🙂

    WPyogi

    (@wpyogi)

    9 years, 1 month ago

    @lady_kplease start your own thread – it’s not even clear that your site has been hacked.

    Post here:

    https://wordpress.org/support/forum/how-to-and-troubleshooting#postform

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘wordfence .htaccess file have been hacked’ is closed to new replies.