WordPress.org

Support

Support » How-To and Troubleshooting » Hacking WordPress on my server

Hacking WordPress on my server

  • I’ve had some hacking into my servers and htaccess files across all my wp web sites recently. Least this is the conclusion I’ve come to?? I still haven’t got my sites up after two weeks now.

    Not only that i didn’t know where to start because i could not even log into the servers and the ftp stopped as well.

    So far i have found that each of the htaccess file have been either changed, deleted or removed, something different for each site.

    I get 500 internal errors on loading any site 2.9.2. There is some villans out there that really try to mess your world around.

Viewing 15 replies - 1 through 15 (of 19 total)
  • esmi

    @esmi

    Forum Moderator

    That’s helpful!

    Freak this annoys me i tried to just upload the new wp3 and do the manual upgrade. It went OK and got to the upgrade button in the browser and then it gets a blank screen. Like the first totally blank web page i have ever seen just all white. But least the Internal Server Error has went away.

    Also getting strange emails in my inbox from submit forms across my web sites now even though the site are not online. Someones playing with me STILL.

    Still haven’t got this sorted out.

    Moderator James Huff

    @macmanx

    Regarding the blank screen, try resettings your plugins. If that resolves the issue, reactivate each one individually until you find the cause.

    Regarding the form submissions, could it just be bot activity?

    I received another submission form blank email just today from a form that’s so old i never even use it from another site but it’s still on the server. It could be a bot but it is a coincidence that it has been happening since the hacking. I got one today from another form. No text in the email and no reply email.

    I did this in myPHPadmin. Resetting as per instructions in link from a:2:{i:0;s:19:”akismet/akismet.php”;i:1;s:25:”commentluv/commentluv.php”;}

    It didn’t bring any change to the blank screen! I’m not getting a lot of time to fix this so sites been down three week now.

    Moderator James Huff

    @macmanx

    Access your server via FTP or SFTP, navigate to /wp-content/themes/ and rename everything except the /twentyten/ directory. This will force the Twenty Ten theme to activate and hopefully rule out any theme-specific issues.

    I don’t quiet understand this because apart from the /wp-content/themes/twentyten there is only one other file called index.php in the /wp-content/themes/ folder?!

    What should the new wp3 htaccess file look like a.t.m.. i got this.

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /home/
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /home/index.php [L]
    </IfModule>

    # END WordPress

    One site is up and running again. I tried the login to admin then into the themes. It had a message in that it repaired the theme. Then the site loaded.

    Trying the same thing on a second site to try load the WP admin login page still brings a 500 Internal error. Haven’t got to the others yet!

    Moderator James Huff

    @macmanx

    Internal server errors are usually described in more detail in the server error log. If you have access to your server error log, generate the error again, note the date and time, then immediately check your server error log for anything useful. If you don’t have access to your server error log, ask your hosting provider to look for you.

    Where in the cPanel can these Internal Server Error logs be tracked. It’s interesting because i will be able to get a better picture what’s going wrong without asking the host which really annoys me to do!

    Moderator James Huff

    @macmanx

    In my cPanel, the section is called simply “Error log,” but this can vary depending on hosting provider and cPanel configuration.

    ‘Error log’ it is.

    On getting the first site up all the pages that we’re created have been deleted and all the widgets in the side bar. Pricks.

    Working on a site two now. This is one of many of the same in the Error log:
    [Sat Jul 03 12:27:42 2010] [error] [client 66.249.71.204] File does not exist: /home/invest/public_html/500.shtml
    [Sat Jul 03 12:27:42 2010] [error] [client 66.249.71.204] SoftException in Application.cpp:601: Directory “/home/invest/public_html/blog” is writeable by group

    No .htaccess file in site two. I used to be able to see one. though when i upload a new one it does not appear anymore. But if i do a cPanel search in that folder there is one there just can’t see or open it.

    Changed the ‘blog’ folder permissions back to 755, it was changed to 777. One of the other servers had all folders converted to 777 (not my doing at all). I would never do this.

    Moderator James Huff

    @macmanx

    [Sat Jul 03 12:27:42 2010] [error] [client 66.249.71.204] SoftException in Application.cpp:601: Directory “/home/invest/public_html/blog” is writeable by group

    That’s definitely the source of the error. Changing the /blog/ directory’s permissions back to 755 should have solved it. Did it work?

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘Hacking WordPress on my server’ is closed to new replies.
Skip to toolbar