My site was hacked!! (8 posts)

  1. Sarahc
    Posted 8 years ago #

    I got this message in my site title: "Hacked By Faraz Security TEAM". I had just installed WordPress today. I was working on the site while this was happening so I just uninstalled WordPress. Now I am afraid to install it again. I have several WordPress sites though!

    How could this happen? What can I do to protect my site?
    It was version 2.6

  2. korythewebguy
    Posted 8 years ago #

    Re-install WordPress, then add the following line inside your template's <body> tags:

    <!-- wpscanner -->

    Once that's done, run the web-based BlogSecurify scanner at http://www.blogsecurify.com/ , and post any security warnings (WITHOUT the address/URL to your blog) it gives you back in this thread so we can make suggestions.

    After running the BlogSecurify scanner, MAKE SURE you remove the <!-- wpscanner --> line from your template, as this will prevent others from running the scanner on your site and obtaining any vulnerability information.

    You might also consider installing the WordPress Security Scan plug-in, which will tell you what permissions should be set on several crucial WordPress files.

    If you're not familiar with setting write permissions, download the Filezilla FTP client and use it to correctly set the file permissions on your site.

    Hope we can help you out! :-)

  3. Ziyphr
    Posted 8 years ago #

    What plugins are you using? These can also be a possible cause of security breaches.

    Unless you had an easy-to-guess admin password, it is most likely that your server is not properly secured, in which case I would move to a new host.

  4. Sarahc
    Posted 8 years ago #

    Thanks for your replies! I use hostgator.com for hosting. I moved about 6 months ago from a really lousy web host and I would hate to move again. Does anyone know how the security is with hostgator?

    I am using the plugins:
    all in one seo pack
    no flash uploader
    google sitemap generator
    stats 1.2.2
    wp polls

  5. Sarahc
    Posted 8 years ago #

    Here is the report from blogsecurify.com

    * Found charset text/html; charset=utf-8 (in headers text/html; charset=UTF-8). (Excellent!)
    * Detected wpPaginate-v2 at http://myblogsurl.com/wp-content/plugins/wpPaginate-v2.php
    * Detected related_posts at http://myblogsurl.com/wp-content/plugins/related-posts.php
    * Detected wp-lightbox2 at http://myblogsurl.com/wp-content/plugins/wp-lightbox2/js/lightbox.js
    * Detected backupwordpress at http://myblogsurl.com//backupwordpress/readme.txt
    * Detected gravatars at http://myblogsurl.com/wp-content/plugins/gravatars.php
    * Detected Akismet at http://myblogsurl.com/wp-content/plugins/akismet/akismet.gif
    * Detected ultimate_tag_warrior at http://myblogsurl.com/wp-content/plugins/ultimate-tag-warrior-actions.php
    * Detected timezone at http://myblogsurl.com/wp-content/plugins/timezone.php
    * Detected podpress at http://myblogsurl.com/wp-content/plugins/podpress/images/rss-audiowma.png
    * Detected wp-contact-form at http://myblogsurl.com/wp-content/plugins/wp-contact-form/wpcf_button.png
    * Detected subscribe-to-comments.php at http://myblogsurl.com/wp-content/plugins/subscribe-to-comments.php
    * Detected feedstats at http://myblogsurl.com/wp-content/plugins/feedstats-de/screenshot-2.png
    * Detected Mime at http://myblogsurl.com/wp-content/plugins/mime.php
    * Detected aa-password-protect at http://myblogsurl.com//saa-password-protect/readme.txt
    * Detected get-recent-comments at http://myblogsurl.com/wp-content/plugins/get-recent-comments.php
    * Detected exec_php at http://myblogsurl.com/wp-content/plugins/exec-php/doc/readme.html
    * Detected Adsense-deluxe at http://myblogsurl.com/wp-content/plugins/adsense-deluxe.php
    * Detected wp-backup at http://myblogsurl.com/wp-content/plugins/wp-db-backup.php
    * Detected flickrrss at http://myblogsurl.com/wp-content/plugins/flickrrss.php
    * Detected wp-notable at http://myblogsurl.com/wp-content/plugins/blogbling/blogbling_functions.php
    * Detected permalink_redirect at http://myblogsurl.com/wp-content/plugins/ylsy_permalink_redirect.php
    * Detected pxsmail at http://myblogsurl.com/wp-content/plugins/pxsmail.php
    * Detected sem-fancy-excerpt at http://myblogsurl.com/wp-content/plugins/sem-fancy-excerpt/readme.txt
    * Detected srg-archives at http://myblogsurl.com/wp-content/plugins/srg_clean_archives/readme.html
    * Detected Hello Dolly at http://myblogsurl.com/wp-content/plugins/hello.php
    * Detected Adsense-deluxe-v0.8 at http://myblogsurl.com/wp-content/plugins/adsense-deluxe_wp_plugin_v0.8/ReadMe.txt
    * Detected wp-cache2 at http://myblogsurl.com/wp-content/plugins/wp-cache/wp-cache-phase1.php
    * Detected sitemap at http://myblogsurl.com/wp-content/plugins/sitemap.php
    * Detected teb-super-archive at http://myblogsurl.com/wp-content/plugins/teb-super-archive/teb-super-archive.php
    * Detected WordPress 2.6 latest version is 2.6 (very good!)

  6. Ziyphr
    Posted 8 years ago #

    That's a lot of plugins. I presume not all are active so remove the ones you don't require and anything you don't really need.

  7. iridiax
    Posted 8 years ago #

    What theme are you using and where did you get it? There are themes out there that come with malicious code and links, and there are other themes (usually older, out-of-date ones) that may have security problems.

  8. @mercime
    Volunteer Moderator
    Posted 7 years ago #

    I noticed that you have wp-cache listed there. I was going to use it but stopped when I found out that in my install, I would need to change the chmod of wp-content from 755 to 777 to make it work. So it was a no-brainer which was more important for me: blog security won hands down over the wp-cache plugin. Hyper-Cache is working well on my blog. Loads fast.
    Good luck.
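As an added example (not posted by anyone in this thread), a small POSIX shell audit for the world-writable permission that posts 2 and 8 warn about: it lists 777/666 entries under a WordPress root and resets them to the usual 755/644 baseline. The function names and the constructed sample tree are my own; they assume only find, chmod and mktemp.

```shell
#!/bin/sh
# Added example, not from the thread: audit a WordPress tree for
# world-writable files and directories (the 777 setting discussed above).
# Assumes a POSIX shell with find, chmod, mktemp and wc available.

# audit_wp_perms ROOT : print every path under ROOT that others can write to
audit_wp_perms() {
    root="$1"
    # -perm -o+w matches entries whose "others" write bit is set (777 dirs, 666 files)
    find "$root" -perm -o+w -print
}

# wp_world_writable_count ROOT : number of world-writable entries under ROOT
wp_world_writable_count() {
    audit_wp_perms "$1" | wc -l | tr -d ' '
}

# fix_wp_perms ROOT : reset the safe baseline (dirs 755, files 644).
# Only world-writable entries are touched, so deliberate settings elsewhere
# are left alone. wp-config.php holds DB credentials, so it is tightened to 600.
fix_wp_perms() {
    root="$1"
    find "$root" -type d -perm -o+w -exec chmod 755 {} +
    find "$root" -type f -perm -o+w -exec chmod 644 {} +
    [ -f "$root/wp-config.php" ] && chmod 600 "$root/wp-config.php"
    return 0
}

# make_sample_wp : constructed tree mirroring post 8, where a caching
# plugin asked for wp-content to be 777. Prints the temp root it created.
make_sample_wp() {
    d=$(mktemp -d)
    mkdir -p "$d/wp-content/plugins/wp-cache" "$d/wp-content/cache"
    touch "$d/wp-config.php" "$d/wp-content/plugins/wp-cache/wp-cache-phase1.php"
    chmod 755 "$d" "$d/wp-content/plugins" "$d/wp-content/plugins/wp-cache"
    chmod 777 "$d/wp-content" "$d/wp-content/cache"    # the risky setting
    chmod 666 "$d/wp-config.php"                        # worse: secrets world-writable
    chmod 644 "$d/wp-content/plugins/wp-cache/wp-cache-phase1.php"
    echo "$d"
}
```

Run `audit_wp_perms /path/to/wordpress` on a real install before and after `fix_wp_perms`; an empty listing afterwards means nothing under the tree is world-writable.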

Topic Closed