Support » Theme: Hatch » Hacked

  • Carley

    (@carleycwddcomau)


    Hi, my website is using the Hatch theme as was recently hacked. The readme file name was changed to readme.d938ca3f950bb138d138a81c0d4f50d4.html.
    So I deleted the readme file.
    I updated the wordpress version and plugins just before it was hacked.
    I have iThemes Security installed which didn’t seem to help.
    But I’m not sure what version of Hatch I have running at the moment and I’m not sure how I found this out???
    Any help would be much appreciated.
    Thanks,
    Carley.

Viewing 1 replies (of 1 total)
  • Goto Design > Themes > hover Hatch > klick on Theme-Detais.
    Current Version is 0.3.1

    There is another security leak in Hatch.
    It is possible to call attachement pages of unpublished posts or images, which will show the comment form, enabling spammers to submit comment spam from there.

    You may deactivate the comment form in attachement pages by adding this code to the functions.php of your Hatch child theme.

    // deactivate comments in attachement pages
    function filter_media_comment_status( $open, $post_id ) {
    $post = get_post( $post_id );
    if( $post->post_type == 'attachment' ) {
    return false;
    }
    return $open;
    }
    add_filter( 'comments_open', 'filter_media_comment_status', 10 , 2 );

    If you didn’t create a child theme so far, now it’s the time to create one.

    Cheers
    Plotz

Viewing 1 replies (of 1 total)
  • The topic ‘Hacked’ is closed to new replies.