[resolved] Am I being hacked? (6 posts)

  1. brockangelo
    Posted 8 years ago #

    I just setup a 404 page to receive e-mails whenever a visitor lands on the 404 page of my site.

    It has been very educational.

    Random alerts when someone searched google for this or that. But this morning there have been a flood of e-mails from someone who can apparently see my theme titles and is trying to view the screenshot of each theme inside wp-contents/themes/.

    He's going to http://www.brockangelo.com/wp-content/themes/...

    Funny thing is, when I go to that location, I can't see a directory of themes uploaded - but whoever it is can see custom theme titles that I built - so he's not only guessing the most popular themes - but he's getting access to the directory somehow.

    Should I be concerned about this? Or should this be directed to the maillists?

    EDIT - I'm noticing that some of the attempts are coming from .../wp-admin/themes.php - has someone gotten into my admin panel??!!

  2. whooami
    Posted 8 years ago #

    and the someone's ip is?

  3. brockangelo
    Posted 8 years ago #

    How do I find that? The script I'm using only tells me the website they came from - not the IP.

  4. whooami
    Posted 8 years ago #

    I didnt write the script, obviously :)

    you need to add something like this to the script:

    $ipstr = $_SERVER['REMOTE_ADDR'];

    then have the script include $ipstr in the information it sends you.

  5. brockangelo
    Posted 8 years ago #

    Will do - I will e-mail you off list.

  6. Michael
    Posted 8 years ago #

    My plugin can track fails attempts to login to the admin panel. Maybe you should install it.

    Linky: http://wordpress.org/extend/plugins/bluetrait-event-viewer/

Topic Closed

This topic has been closed to new replies.

About this Topic