Blog Keeps Being Hacked (7 posts)

  1. Bob Smith
    Posted 6 years ago #

    OK first my site was hacked like described in this thread.


    I was already upgraded with the latest version, so I did a new install an seemed fine.

    Then I noticed it has been hot by the Google redirect hack.


    I found the offending code in wp-blog-header.php and removed it, changed my WP and FTP passwords and it seemed to clear up.

    Contacted my host who said there was nothing wrong with their servers.

    Now the hack is back. Remove the code again and seems OK.

    Any ideas on what is causing this and how I can stop it?


  2. Bob Smith
    Posted 6 years ago #

    bumping this for the post turkey people.

  3. Roy
    Posted 6 years ago #

    My guess is that you haven't cleaned up properly, so the hack was never gone. What if you delete the theme completely, download a new one, check your tables to see if there's anything fishy, found out if you don't have users you don't want, etc. Then change ALL passwords, including that of the database, PHPmyAdmin (or whatever you have), etc.

  4. Bob Smith
    Posted 6 years ago #

    i killed the theme and replaced it. how would i tell if there are other users created?

  5. buddha trance
    Posted 6 years ago #

    Check your database to see if there are other users. There is a users table.

  6. Bob Smith
    Posted 6 years ago #

    @buddha trance

    where exactly do i find that?

    this hack adds a hidden user. do i do it through phpmyadmin?

  7. MichaelH
    Posted 6 years ago #

    phpMyAdmin and look at the wp_users table.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.