WordPress.org

Forums

Has my site been hacked thru wordpress? (29 posts)

  1. redtango88
    Member
    Posted 7 years ago #

    We discovered this morning that 86 files had been inserted into our site all of which redirect people to poker and casino sites. We are a business strategy consultancy in the UK!

    This seemed to happen on 1 May and there are now 1000's of rubbish links to these pages.

    Our ISP are 'looking into it' with concrete boots on and I am trying to work out what went wrong.

    Do I have a blog I was asked... yes, a WP blog that I find now doesn't work and I can't log into it.

    Please help? I want my blog back and I want to prevent this rubbish coming into my site. A web designer set up the WP blog for us 18 months ago and I haven't upgraded it since - that is what I was trying to do when I found I couldn't log in.

    Any help greatly appreciated
    Kath

  2. Jeremy Clark
    Moderator
    Posted 7 years ago #

    You'll have to reset the admin password. Look here for instructions how. As soon as you get done please do upgrade.

  3. whooami
    Member
    Posted 7 years ago #

    A web designer set up the WP blog for us 18 months ago and I haven't upgraded it since

    I hate to be the bearer of bad news, but that's not exactly a good sign.

    There have been countless (too many to count, in fact) upgrades made available since then.

    Honestly, what can you possibly expect anyone to say to that?

  4. drmike
    Member
    Posted 7 years ago #

    Honestly, what can you possibly expect anyone to say to that?

    The designer may have told them that upgrading wasn't needed or skipped over that point. Wouldn't be the first time. I've gotten those with my clients when they come over. Not many of them understand the concept of having to upgrade.

    Virus protect programs are like that as well even though it's very important to upgrade the sig files.

  5. whooami
    Member
    Posted 7 years ago #

    That's not really my point.

    She (I'm assuming Kath is a female) asked a fairly ambiguous question. The only semi-concrete thing we know is that she has a very outdated blog installed on the box. We don't know what's responsible for running the main site. We don't know what permission settings, we don't even know WHAT was compromised aside from the directory with all the files, and for those we don't have timestamps, etc.. etc.. etc..

    It's impossible to say for sure what 'application' was the root cause without more information, if, in fact, someone needs to blame a piece of software, and not the user(s) of the software.

    Frankly, I would let the host see what they can find out, if anything. And in the future, regardless of what you are using for your site, remember that security doesn't just "happen", it's proactive.

  6. Kahil
    Member
    Posted 7 years ago #

    Ughhh... again, keep in mind that not everyone is as tech savvy as you are...no need to belittle...please...

    She gave more than enough information to get the idea of what is going on and what happened. At this point I see only two options. 1) Go back to the web designer or hire a new one to fix the situation. Hopefully they can get things back up and going the way they should with little to no loss of post/page data. 2) Log into your host's site management area, change your FTP login information, create a new database with new login info. Then, log into the FTP for your site and delete everything (after you back up needed files of course). Finally, upload the newest version of WordPress and start it over from scratch. Yeah, it's a pain in the patoot, but if all else fails...

    Good Luck!!!

  7. whooami
    Member
    Posted 7 years ago #

    piss off Kahil, you're out of line (I WAS polite to her and there was nothing said that belittled her). Your sensitivity training class is going a little off the deep end.

    as for YOU.. she asked a very specific question:

    Has my site been hacked thru wordpress?

    I missed the part where you are able to determine that based on the information provided in her post. Thank you for proving my point.

  8. drmike
    Member
    Posted 7 years ago #

    And I was just throwing out an idea about what had occurred. Nor was I intending to belittle anyone.

    I host 2900+ paying clients. I could tell you some stories that I've heard about their previous hosts.

  9. Kahil
    Member
    Posted 7 years ago #

    lol...wow...

    She asked if it was hacked. She gave her reasons for believing that it was so. Based on that specific info, that there were extra files and links, it's valid and easy to assume that yes, she was hacked. I then gave her two possible solutions.

    "Honestly, what can you possibly expect anyone to say to that?"

    That comes off as though you are talking down. It gave no solution or help and was rude.

    Case closed...

    Sorry for the behavior of some of the posters here in this forum redtango88. Hopefully their behavior doesn't reflect poorly on everyone else. Hope you come back for all your WordPress queries. Good Luck!!

  10. whooami
    Member
    Posted 7 years ago #

    That's how YOU read it kahil.

    Merely because you spend your posts here talking to people like they all have your same fragile ego, doesn't mean others need to.

    Frankly, what I said was a fair question. It's not about talking down to people, it's about being honest. You expect a response to her statement to be what.. sugar coated?

    Let's see, here's the kahil reply to her stating she's running an 18 month old version of WP and comes here wondering if her site was hacked as a result of that:

    "ohhhh, thats toooo bad, Im soo sorry. what a pain in the patooty. better luck next time!"

    YOU patronize people, and you enable people to be dumb.

  11. Kahil
    Member
    Posted 7 years ago #

    Some people just can't take a hint...

    Someone, please close this thread. It's gone from a support thread to a flame thread.

  12. Adam Brown
    Member
    Posted 7 years ago #

    Perhaps we can propose a one-hour cooling off period all around...

  13. whooami
    Member
    Posted 7 years ago #

    kahil, what, you can dish but can't take similar criticism?

    There's your fragile ego again.

    It became a flame thread when you decided you were able to speak for someone else, for your information.

  14. Kahil
    Member
    Posted 7 years ago #

    It's one thing to criticize, it's another to attack.

    p.s., my ego is far from fragile.

    again, please close this thread. redtango88, sorry again.

  15. whooami
    Member
    Posted 7 years ago #

    I see, calling your posts patronizing is attacking you, but calling my reply rude, isn't? I see.

    whatever.

  16. Kahil
    Member
    Posted 7 years ago #

    GIVE IT UP ALREADY! DAMN!

    "piss off Kahil" = attack

  17. drmike
    Member
    Posted 7 years ago #

    Hey at least I didn't start it this time. :)

  18. whooami
    Member
    Posted 7 years ago #

    I know, I know, here's the kahil reply to someone that can't seem to mind their own business: you.

    "oohhhh, immm sorry, I didnt mean to offend you, Im a pain in the patooty, Ill be better, I promise."

    That's what the mods are here for kahil, did you know that? Michael, moshu and handy have my e-mail.

    Should I let him have the last word? :) He even had to come back and edit his last post.

    You go ahead, kahil post, I'll let you have the last word. I had since moved onto other threads anyway. Besides which, I'm going out to dinner.

  19. redtango88
    Member
    Posted 7 years ago #

    Oh heck, I didn't intend to kick off this kind of exchange but I do appreciate all the feedback.

    Our WP blog was set up by a designer 18 months ago who did it all for us and mentioned nothing about upgrades. I can see that some think that is naive on my part and I guess I just have to accept that view. If I knew the answer I wouldn't have come here asking the question - so now I know.

    I am in the process of doing exactly what you say above to fix this and hopefully all should be well and the hole that the hackers used will be plugged. As it turns out I also had an old version of Carp on my server that wasn't being used but hadn't been deleted or upgraded either.

    I guess I will never know if it was WP or Carp but one or the other seems likely. I obviously won't make this mistake again and I will come back here for support. So, thanks everyone for all your feedback, much appreciated :)

    You should be glad that there are people like me who don't know the things that you guys know - it means you will always be in demand!

    Have a good Sunday,
    Kath

  20. whooami
    Member
    Posted 7 years ago #

    redtango88,

    For the record, I don't think you're naive, I think you got bad advice, or no advice at all. But then arguably, if you don't ask ... there's nothing to answer.

    I would also prefer to have NO threads on here that start off like yours, trust me - in demand or not. There's plenty of other things to talk about on here -- like the 100 or so per day, "I can't connect to my db" posts.

    Again, and I stress this again and again, effective security is proactive, not reactive. PHP is dynamic, and WordPress is arguably the most popular blogging package on the web so it's imperative that one either stay up to date via the dashboard (in your admin area) or just by checking in here,

    http://wordpress.org/development/

    occasionally.

    Lastly, while it's tempting to put up a site and just "leave it" (not visiting the dashboard, not checking in at the link above), that's NOT a smart thing to do with anything that's PHP based. That's when you are better off to just hard code plain old HTML pages, and stick to those.

    In a sense, it's safe to say, that PHP driven sites require a kind of web babysitting. I call that being responsible, other ppl call it having to be tech-savvy. They just happen to be wrong. :P

    Hope that helps :)

  21. Kahil
    Member
    Posted 7 years ago #

    Ouch! Another jab from whooami. Hrmmm... Well, according to you, whatever advice I give in this forum is bad advice. There is nothing wrong with what I suggested. She flat out told us that she didn't have much experience with WordPress. You can't "babysit" what you don't understand. She seemed in need of a fairly quick solution, so what is wrong with suggesting that she either contact the developer who set it up for her or to re-install it all from scratch with a current version after backing up what she needs to keep? That's right, there is nothing wrong with that advice. But again, according to you, I'm always wrong. Get off your high horse.

    There is no such thing as bad advice, it's what you do with it that matters.

  22. whooami
    Member
    Posted 7 years ago #

    aha!
    there you go again -- and guess what -- nothing in my post was directed at YOU.

    for the record, I don't think you're naive, I think you got bad advice, or no advice at all...

    I was referring to the person who installed WordPress for her, you overly-sensitive crank.

    Believe it or not, not every post on here has something to do with you.

  23. Kahil
    Member
    Posted 7 years ago #

    wow...you just don't stop with the attacks now do you? Instead of telling me to piss off, now you're calling me an "overly-sensitive crank". Hrmmmm... Isn't flaming and personal attacks against the forum rules? Hmmmmm...it is in most. Oh well.

  24. whooami
    Member
    Posted 7 years ago #

    You are, additionally, quite wrong about one thing. There most certainly is such a thing as bad advice. If you need examples, I can certainly provide some.

    I don't think you do. You are just contrary.

  25. Kahil
    Member
    Posted 7 years ago #

    For the love of it all. Someone please just close this thread.

  26. whooami
    Member
    Posted 7 years ago #

    kahil, do you know what a crank is? I don't think you do, since I JUST made it up, lacking any other thing coming to my mind.

    hahahhaah. you're really too much. Go try another thread, kahil, I'm moving on. I've already caught you being OVERLY sensitive/paranoid/sketchy/whatever you want to call it - by your reaction to a post that had NOTHING to do with you.

    I assure you when I address you, you'll know it.

    for the love of my patooty

  27. Kahil
    Member
    Posted 7 years ago #

    Again, let's just close this thread.

    address all you want. look it up, crank is a derogatory term.

  28. whooami
    Member
    Posted 7 years ago #

    I could have done much better, trust me. I'm actually being kind since you're family.

  29. Kahil
    Member
    Posted 7 years ago #

    hahahahahaha... well at least we have one thing in common!!

Topic Closed

This topic has been closed to new replies.
