Multiple WP sites hacked, help please

I am the host….so the ball is still in my court. Multiple domains belonging to multiple clients were affected, but it doesn’t seem they rooted the server or have root access of any kind. That is why I was thinking it was a WP exploit since they didn’t hack it at a server level and they only hacked domains that had WP installs.

Most of the info above helps those whose blog hasn’t been wiped out. The two worse offenses were cases in which it appears the whole database was wiped out. As a result, there is nothing to “save” or nothing to try to fix or upgrade. Seems like the only solution is to wipe out the whole blog directory and install a fresh copy of WP.

If WP is now “safe”, then what about plugins like “Secure WordPress”? I am trying to understand if WP is truly “safe”, or if in fact security plugins are needed and what else can be done.

I had found the provided links already (thanks) but they are mainly aimed at recovering from a hack, and the standard password change suggestion, but it didn’t appear there was much more to protect future attacks?

Seems the consensus is that WP is a “safe” program to run and all the problems are external to the program?

Thanks so much!

Hello… I paid to have the server hardened over and above how it came. It seems though that the hackers are always a step ahead. they exploit, a patch is made, they exploit, etc.

The only safe product is the one that doesn’t need security updates. A security update is essentially an admission of an existing security problem, which is a way of saying 3.03 had a problem, and 3.03 fixed a problem 3.02 had, etc.

Doesn’t that mean that 3.04 will get patched as a security problem will be found with it as well?

Since the hackers chose only the domains with WP made it suspicious that was their “door”. Maybe they just have a thing for WP sites.

Thanks!

mmmmm…. I think saying the “server” is exploitable vs. saying “some domains on the server” were exploitable.

It seems you are saying the server had less than desirable security which you don’t know and I don’t know either.

I had the server hardened, I have had it reviewed, and I have had it re-reviewed, and none of the geeks have found anything derelict at the server level.

I know that at least on some of the sites, passwords were very weak. It could be something that simple vs. a security weakness or a problem with WP.

I have just learned over time to deal with common denominators when trying to ascertain a problem which is how I ended up here.

It happens my server is backboned at the same place as suggested in one of the links provided above. And in turn, the geeks I hired work at their suggested support company, so I guess that is as good as it gets from that perspective 🙂

Thanks again…