WordPress.org

Support

Hacked 2.3.3

  • By 2.2 installation was being hacked into and spam hidden links dumped into index.php. I didn;t notice until google decided to ban me (they have now reincled my site). But even though i’ve updated to 2.3.3 it keeps happening.

    I have disabled all plugins.
    I have chmod’d wp-includes as recommended

    Any ideas what else i can do – has anyone seen this before and can advise please

Viewing 9 replies - 1 through 9 (of 9 total)
  • Roy
    Member

    @gangleri

    Just a silly question. You didn’t use your old files for the new installation, just like this fellow?

    no – i did re-upload the new files because that thought had crossed my mind – so its not that silly a question

    Are you also getting the “document.write” crap at the bottom of the file? I was up way too late last night figuring everything out. In my case it seemed to be an instance of the xmlrpc exploit which was fixed in the latest WP update. While that hole may be closed, a php shell could have been installed anywhere on your site before you updated. That includes non-system folders you may not have checked or removed when updating, or in my case, scripts were placed in my custom theme directory which I was dumb enough to copy back to my fresh WP installation.

    Hi , I took Skitals advice and deleted everything but wordpress from the site. and did a fresh install of 2.3.3.

    Sadly i have re-hacked.

    What happens is that lots of spam links get appended to index.php

    This is really starting to annoy me now. Haven’t these folk got better things to do than hack someones website for a little bit of google link juice?

    Chris_K
    Member

    @handysolo

    Have you checked file permissions? You don’t, by chance, have everything at 777 do you?

    nope php file chmod’d 644

    admin and include folders 755

    Did you change your user passwords?

    I changed them when I was first hacked – do you think it might be necessary to change it again?

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Hacked 2.3.3’ is closed to new replies.