Insecure upload page.

  • Resolved dadrepus

    (@dadrepus)


    7 years, 2 months ago

    Background: I’m a small web host that just aquired a client from Web.com. I know very little about WordPress, had some experience with Xoops. He knows virtually nothing. He has an unsecured upload page which has caused havoc on my server. I don’t know enough about wordpress to figure out how to stop it. We have already been invaded and are currently on a few blacklists. HELP! You can reach the offending page by just going to http://www.hisdomain/upload Thats it. any anyone can upload any pages or infections they want. Already is index,htaccess and template pages were compromised. How can we fix this?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter dadrepus

    (@dadrepus)

    7 years, 2 months ago

    forgot to click on the notify me. sorry for the double post

    kmessinger

    (@kmessinger)

    7 years, 2 months ago

    Please give us a working link to his site and to your site.

    Thread Starter dadrepus

    (@dadrepus)

    7 years, 2 months ago

    Why would I do that? I don’t know you and your request seems to be too dangerous to allow. Anyone with this information could make our situation so much worse.

    kmessinger

    (@kmessinger)

    7 years, 2 months ago

    Links are just that, a link. If you have public pages that is the server problem not WordPress. WordPess install with all directories 755 and all files 644. The upload page should be at wp-content/uploads and is for media. Who installed the directory website/uploads? Delete that directory. It is useless.

    Thread Starter dadrepus

    (@dadrepus)

    7 years, 2 months ago

    All fixed. Reinstalled WordPress from scratch stopped the problem.

    kmessinger

    (@kmessinger)

    7 years, 2 months ago

    Very good!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Insecure upload page.’ is closed to new replies.