Clean 2.8.4 Hacked :(
I had 2 instances of 2.8.3 running on seperate databases, and both were hacked before I got the chance to upgrade. I upgraded, deleted all WordPress, plugin, and theme files, downloaded fresh zips of all, uploaded those, checked my permalinks structure (nothing out of the ordinary there), searched both databases for the “eval” and “base_” crud that supposedly causes it (nothing came up except for the blog post about it by lorelle @ http://lorelle.wordpress.com/2009/09/04/old-wordpress-versions-under-attack/. Should that be in my databases??), and even had my hosting company look through my .htaccess file to ensure that anything that was there was supposed to be. Still getting the icky redirects and spyware warnings.
Well, one of the installs of WP was just for design purposes and had virtually no content in it, so I went ahead and deleted all of it’s files AND it’s database. Started with a fresh clean database and a fresh clean 2.8.4 install of WordPress. Redownloaded and installed fresh versions of the plugins I use (FatFreeCart, Cleaner Gallery, and Lightbox 2), as well as the theme (Fixed Blix). The only files from the old install that I reuploaded were a handful of theme template files, which I meticulously went through with my own eyes beforehand (footer.php was NOT one of them).
This fresh, clean install of 2.8.4 is STILL REDIRECTING randomly!!!!
I’ve put in a help desk ticket with my host to make sure that my entire account didn’t get affected somehow, but I’m expecting them to tell me to ask here anyway, since it originated wwith 3rd party software. Help?
ETA: Also wanted to mention that I’ve tested the new install by repeatedly hitting “reload” and clicking around on it via a Mac iBook using Opera, so I highly doubt it’s my machine that’s infected. I’ve checked my browser cache, and it’s clear. I’m no expert, though, so I guess it’s possible?
- The topic ‘Clean 2.8.4 Hacked :(’ is closed to new replies.