Hacked via Contact Form 8
I recently moved my news site to hostgator.com. So far, so good, until today. I went to the site, and below the visible footer area on the front page were row upon row of porn sites, clickable. I looked at the source code, and it said something about a jquery and Contact Form 8. I quickly disabled the plugin, and then dumped the browser cache and didn’t see the hacked text anymore. This was in Chrome, by the way. I didn’t see the problem in Firefox or Safari, oddly enough.
Hostgator found rogue code in footer.php of my theme, Atahualpa 3.4.4, base64_decode and a long string of code. I’m afraid to post it here in case it’s still virulent. Anyway, the plugin is still deactivated. I do need a contact form for the site, but now I’m afraid to use one.
Any ideas? I’m running Bad Behavior, Akismet, Limit Login Attempts and regularly do a scan using WP Security Scan.
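A check for the kind of finding described in the post above (a `base64_decode` call followed by a long encoded string in a theme file), added here as an example and not part of the original post. It only reports where such literals sit and never decodes or runs them; the function names, the 200-character threshold and the sample footer are assumptions made for the example.

```python
import base64
import re
from pathlib import Path

MIN_BLOB = 200  # assumed threshold; tune it for your own theme

# base64_decode('<literal>'), optionally nested inside eval( ... ) with other wrappers.
PATTERN = re.compile(
    r"(?P<eval>\beval\s*\(\s*(?:@?\w+\s*\(\s*)*?)?@?\bbase64_decode\s*\(\s*"
    r"(?P<q>['\"])(?P<blob>[A-Za-z0-9+/=\s]+)(?P=q)",
    re.IGNORECASE,  # PHP function names are case-insensitive
)

def scan_php(text):
    """Return (line_number, blob_length, wrapped_in_eval) for each long encoded literal."""
    hits = []
    for m in PATTERN.finditer(text):
        blob = re.sub(r"\s+", "", m.group("blob"))  # ignore line wrapping inside the literal
        if len(blob) >= MIN_BLOB:
            line = text.count("\n", 0, m.start()) + 1
            hits.append((line, len(blob), m.group("eval") is not None))
    return hits

def scan_theme(theme_dir):
    """Walk a theme directory; map relative path -> hits for every .php file with a hit."""
    root = Path(theme_dir)
    report = {}
    for path in sorted(root.rglob("*.php")):
        hits = scan_php(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path.relative_to(root))] = hits
    return report

# Constructed sample: harmless placeholder text, encoded only to mimic the shape of the finding.
SAMPLE_BLOB = base64.b64encode(
    b"<!-- constructed placeholder, not real injected code -->" * 5
).decode()
SAMPLE_FOOTER = (
    "<?php wp_footer(); ?>\n</body>\n"
    "<?php eval(base64_decode('%s')); ?>\n" % SAMPLE_BLOB
)

if __name__ == "__main__":
    for line, size, in_eval in scan_php(SAMPLE_FOOTER):
        print(f"footer.php:{line}: base64 literal of {size} chars, eval-wrapped={in_eval}")
```

A hit is a lead to review by hand or compare against a clean copy of the theme, since legitimate code occasionally embeds encoded data too.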
You could always just use Cforms or something. There are a number of good ones out there. Just search for “contact form” in the Plugins Repository.
I too use cformII but find it less confusing to go directly to http://www.deliciousdays.com/cforms-plugin as the cforms folks have decided not to maintain their Plugins Repository entry. (Long story, I’m told)
If you were hacked via contact form 8 then try a contact form more focused on security than flashiness:
Also install this firewall plugin which is known to stop many common hacker tactics including sql injections:
Some other things worth considering:
Using phpMyAdmin, change your database table prefixes to something other than the default wp_
- The topic ‘Hacked via Contact Form 8’ is closed to new replies.