Support » Fixing WordPress » new version not safe I have been hacked
new version not safe I have been hacked
-
My site
http://www.unleashedbeasts.com/
got hacked with the new version, I am now going to restore it I hope, but how can I stop this from happening again?
-
There is nothing wrong with WP 3.2.1. The hacker could have gained access from any point on the server.
OK that’s fine, is there anyway in finding out how they did it or got in?
they changed my child-theme index file, this is strange as I have found that they normally aim direct for the main index file dont they?
if you didn’t mind giving some tips on how I go about stopping it happening again?
is there anyway in finding out how they did it or got in?
If this is a shared server, your hosts are the best people to carry out this investigation.
they changed my child-theme index file
Hackers will aim for any common file and index.* is just about as common as you can get. Have a look at Hardening_WordPress.
Thanks for that
I really think its my host that’s cr@p as I have had to shut down 4 other sites within the last 2 months as they kept getting hacked, I was sticking to this as my main and keeping it well updated as I thought it was me not updating enough, but now I am thinking its my host
I have done all the things in that link and cant seem to do much more from my end so think I am stuck now
thanks again
Are you sure that you have removed any backdoors from earlier hacks on your site(s)?
http://ottopress.com/2009/hacked-wordpress-backdoors/thanks for the link, I am still looking through the files but not got a clue on this bit 🙁
can I ask are the files
k.php and kll.php
anything to do with wordpress? are they made when installed? as they have things in indicating what that links says?
OK So I have done the following can you just confirm maybe I have missed something
re-installed a fresh copy of wp
removed k.php and kll.php as they are bad I take itI have done other things I would like to not says, but I take it there is a way that they get the files “k.php and kll.php” uploaded on my FTP? any other tips on how I can find the code they would have done this?
I am unsure if I have closed all back doors as that link says what they could have done but I am looking for a needle in a haystack as I dont even know what I am looking for really in the database 🙁
Should I un-install all my plugins one by one and delete the files fully then re-install them?
anything to do with wordpress?
Nope.
anything to do with wordpress?
Nope.
try telling my host that lol
I myself have nothing against wordpress and think its a great software
thanks for your help
try telling my host that
If they have security concerns, they are free to contact security@wordpress.org
I will deffently, I am so close to leaving them now as all my sites are down due to them doing something with there servers, stay clear of justhost, should be called justjoke
meant to ask should this all be in the .htaccess file?
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName unleashedbeasts.com
AuthUserFile /home/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/public_html/_vti_pvt/service.grp
- The topic ‘new version not safe I have been hacked’ is closed to new replies.