Hi again Kmessinger,
Yep. It got fixed the last time by the person who helps me with the site and now it’s the same hassle again. Any thoughts? Hacked again??? Is that a common thing to get hacked on WP?
Thanks
It is not “common” for WP to get hacked specifically, but it is common that once you are hacked you get hacked again because the true source of the hack was not found.
You have to let the host know as the hack more than likely originated in a shared server. You have to be very aggressive in searching for and cleaning/deleting bad files.
Whatever is causing it is adding an iframe AFAIK – see line 151 of the source code.
Hmm, that makes sense. OK, I’ll forward this to the person who set it up for me, as this is beyond my capabilities.
Thanks once again.
Cheers! Marceau
Hi Kmessinger, sorry but I need your help. I contacted my host, Bluehost, and sent them what you said, and this is what they answered. I am afraid this is all Chinese to me. And would you have any idea on how I can get back into my site since the dashboard is not accessible anymore?
Thanks
Marceau
Hello,
Have you ever heard of the WordPress timthumb.php hack? It is explained here:
http://markmaunder.com/2011/08/02/technical-details-and-scripts-of-the-wordpress-timthumb-php-hack/
I see that you are using an outdated version of timthumb.php here:
/home5/centauri/public_html/marceauverdiere/wp-content/plugins/image-rotator-widget 2/timthumb.php
The version shows 2.8. Yet, you can get the updated version, 2.8.9, at this location:
http://timthumb.googlecode.com/svn/trunk/timthumb.php
You might want to ask the WordPress community and see if they can help figure out if that’s how you were hacked.
Using ftp or by logging into your hosted account, change the name image-rotator-widget to ximage-rotator-widget.
That may get you back into the dashboard but your site will still be hacked. If you do get back into the dashboard, add this plugin:
http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/
That will take care of the timthumb hack but you still will be infected.
Next you need to read and do all this:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/
http://sitecheck.sucuri.net/scanner/
If you want professional help, sucuri.net and http://codegarage.com/contact/ are two of many that can help, including http://jobs.wordpress.net/
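The version check from the host's reply, generalised to every PHP file under a site tree, as an added example that is not part of the original thread and not the scanner plugin's code. It assumes TimThumb declares its version with a `define('VERSION', '…')` line; the directory tree in `demo()` is constructed sample data, and files are matched on content so that renamed copies are also listed.

```python
import re
import tempfile
from pathlib import Path

# Assumption: TimThumb declares its version as define('VERSION', 'x.y.z').
VERSION_RE = re.compile(r"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"]([\d.]+)['\"]")
MIN_VERSION = (2, 8, 9)  # the updated version named in the host's reply


def parse_version(text):
    """Return the declared version as a 3-tuple of ints, or None."""
    m = VERSION_RE.search(text)
    parts = [int(p) for p in m.group(1).split(".") if p] if m else []
    return tuple((parts + [0, 0, 0])[:3]) if parts else None


def scan(root):
    """List (relative path, version, status) for PHP files mentioning TimThumb."""
    findings = []
    for path in sorted(Path(root).rglob("*.php")):
        text = path.read_text(errors="replace")
        if "timthumb" not in text.lower():
            continue  # matched on content, so renamed copies are still seen
        version = parse_version(text)
        if version is None:
            status = "unknown"  # mentions TimThumb but declares no version
        else:
            status = "outdated" if version < MIN_VERSION else "ok"
        findings.append((path.relative_to(root).as_posix(), version, status))
    return findings


def demo():
    """Scan a constructed plugin/theme tree (sample files, not real TimThumb)."""
    samples = {
        "wp-content/plugins/image-rotator-widget 2/timthumb.php": "2.8",
        "wp-content/themes/sample-theme/thumb.php": "2.8.9",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, ver in samples.items():
            full = Path(root, rel)
            full.parent.mkdir(parents=True, exist_ok=True)
            full.write_text("<?php\n/* TimThumb (constructed sample) */\n"
                            "define ('VERSION', '%s');\n" % ver)
        return scan(root)


if __name__ == "__main__":
    print(demo())
```

An "ok" result only means the file is at or above 2.8.9; as the reply above says, the site can still be infected and the cleanup steps still apply.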
Hi Kmessinger,
again thanks a lot. I am gonna try to understand it all and get going... and if not I’ll get professional help. In any case it’s really kind of you to take the time to do this,
many cheers to you,
Marceau