Clean WordPress installation hacked (no plugins)

  • Resolved RConde

    (@rconde)


    2 years, 1 month ago

    Hi, last year I had a test installation on one of my domains. No plugins/themes/etc at all, just a clean installation to do some tests.

    I left it unattended for some months and today I found what I think is a weird hack, compromising my website.

    What afraid me most is that the WP installation was done in a folder but I found duplicated (compromised) files in the root directory where there was none of them by myself.

    Compromised files: .htaccess, index.php and xmlrcp.php

    Begin of the malicious code:

    [ No, do not post that here again ]

    I cannot find some information about this, just to let you know, I’m not sure if this is the first notice you have about this.

    I can provide with the full files for you to analyze.

    My web hosting left quarantined a file, not sure if this is the origin of the attack.

    • This topic was modified 2 years, 1 month ago by RConde.
    • This topic was modified 2 years, 1 month ago by RConde.
    • This topic was modified 2 years, 1 month ago by RConde.
    • This topic was modified 2 years, 1 month ago by Jan Dembowski. Reason: Moved to Fixing WordPress, this is not an Everything else WordPress topic
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Clean WordPress installation hacked (no plugins)’ is closed to new replies.