I tried to log into my wordpress site via cpanel
I do not believe that is even possible:
http://stackoverflow.com/questions/18946504/is-it-possible-to-login-to-wordpress-from-cpanel
However, it can be possible to use what is call a “temporary URL” and I would be asking my host about what is happening there.
Can’t seem to login to admin area. WordPress site hosted on godaddy. Am getting a blank page http://mysitename.com/wp-content/deleteme.f4728ac8453a4505b2ebd2a3a3969ead.php?cbc2ec64762d1acb7f8c6b5bf4b85c5b1 instead of the normal login page.
That ‘deleteme’ file certainly does not belong in /wp-content/, so I would guess your site has been invaded. If I were you, I would go to /wp-content/ and delete that file, then add this as index.php in /wp-content/:
<?php
// Permissions for this file: 0404 //
exit;?>
https://wordpress.org/support/topic/warning-this-is-an-attack-site?replies=3#post-6346621
Access your site with:
yoursite.com/wp-login.php instead of yoursite.com/wp-admin
If it doesn’t work, try to rewrite .htaccess file with same data.
This depends on your global host httpd.conf (hosting company), i saw that once or two.
It’s not a huge deal, your files are safe as all your worked on, just report them you have a little problem if my solution doesnt’t work.
i saw a deleteme file with some strange numbers attached to it. I trashed it. Th index.php file already exist. Am thinking i will have to contact my host ASAP
If you saw some new files, your host is really scary,
Well in the future, you can try some plugins like updraftplus, i use it to make one button push backups to dropbox – quite convenient.
WordPress must be hardened to prevent intrusion, your host is not responsible for that and I highly recommend BulletProof Security.
https://www.google.com/search?q=how+to+harden+wordpress
https://wordpress.org/plugins/search.php?q=BulletProof+Security
Well i disagree, now that we have automatic updates and so, WordPress is indeed safier than it ever was.
In general flaws come from user misconfiguration, bad password management, or rarely host – after all depends your requirements as a user or company. Plus if Automattic manage the thing, I don’t recall WordPress.com sites ever ever be hacked – it actually never happened to my knowledge for the last decade. And that makes a whole bunch of websites…
Well i disagree…
…Plus if Automattic manage the thing…
Hardening WordPress is a recommendation for self-hosted sites since Automattic and self-hosted sites are in completely different environments.
Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren’t taken. This article will go through some common forms of vulnerabilities, and the things you can do to help keep your WordPress installation secure.
This article is not the ultimate quick fix to your security concerns. If you have specific security concerns or doubts, you should discuss them with people whom you trust to have sufficient knowledge of computer security and WordPress.
http://codex.wordpress.org/Hardening_WordPress
You’re absolutely right, but seriously, can a company take credits for every (bad) use of a GPL product?
Like I said, I’ve got a pack of sites using WordPress now, should i sue Automattic if someone hack my servers? Obvious answer is no. Now all depends the needs, when you download the self-hosted package it implies you’re responsible for being hacked or whatever the chan – more common sense talking now.
After, if your it provider or yourself be hacked, it would be gross to attack someone giving you a free and good tool like WordPress. We could reproduce example with everything GPL.
Finally, WordPress (as Automattic does provide entreprise hosting for very large sites and for very long time) – you choose it or not. It’s like asking if Linus Torvald is responsible for guys making Backtrack on top of it – but aside he provide a “virtual” unbreakable linux that he cooks himself.
Regards,
