blog got hacked (5 posts)

  1. snakerboy
    Posted 10 years ago #

    Hello, just went to make some posts today on my blog. I was greeted by http://13370r.net/thedeplorableword/hax.html
    At first I thought that our whole site had been done over, but after doing some looking around its only my wp pages that have been hit so to speak. The hackers have (as far as I know) just make a new index page.
    Im running 1.2 not 1.21, so that could be an issue. I also originally installed wordpress via fantastico though the cpanel.
    Has anyone else had any reports of this? or got any idea how it was done, e.g. my fault for using a stupid password? or some holes in wp or fantastico?
    Any help you could give would be great

  2. Mark (podz)
    Support Maven
    Posted 10 years ago #

    My guess would be the password - it's the weakest link.
    Get a password manager program - I use anypassword ( http://www.romanlab.com/apw/ ) and use it to generate and save your passwords.
    8 or 16 random character passwords are good - birthdays and pet names are not :)

  3. Cypher
    Posted 10 years ago #

    Fantastico usually keeps ALL the installation/upgrade/update files in place after doing it's job. It is your responsiblity of going through your folders to ensure that you've deleted all these files.
    These include things like <yoursite.com>/wp-admin/install.php and so on. Look for these files, and remove them.

  4. James Huff
    Volunteer Moderator
    Posted 10 years ago #

    Snakerboy, you should also upgrade to v1.2.1, 1.2 had some security holes.

  5. snakerboy
    Posted 10 years ago #

    The password could have been an issue 9 letters, with a few numbers for good luck. Im really not as stupid for it to be a pets name birthday etfc :p
    install.php is probly the cause, its really pissed me off because fantastico didnt even warn me about it. I assumed that it would take care of such stuff.
    Im going to backup my tables and do a nice fresh install. Cheers for your input.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.