My site was hacked and host says Hello Dolly was Hacked

  • uberschizo

    @uberschizo

    My website, running on WP3.2.1 and fully updated, was recently hacked. When I contacted the hosts, they sent me an email that said:

    Hacker IP “182.177.220.194”
    They had used a POST command on the WordPress plug-in “Hello Dolly” in order to upload the new index.php file.

    I’ve never heard of Hello Dolly being hacked, and wanted to know if this was them being honest or making excuses.

    I can request more information, and would also love to know how I can prevent this in future. (Disabling Hello Dolly is extreme, don’t you think 😉 )

    thank you

    Schizo

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Kathryn

    @zoonini

    Automattic Happiness Engineer

    Here’s how to report security issues with WordPress or WP-authored plug-ins: http://codex.wordpress.org/FAQ_Security#Where_do_I_report_security_issues.3F

    Are you actually running Hello Dolly to display quotes on your site? If you’re not, simply delete it.

    Moderator Sergey Biryukov

    @sergeybiryukov

    WordPress Dev

    I’ve never heard of Hello Dolly being hacked, and wanted to know if this was them being honest or making excuses.

    That email sounds like a made-up excuse to me. Hello Dolly has no HTML forms or settings screens, therefore it doesn’t accept any POST or GET requests and certainly doesn’t have anything to do with uploading files.

    Simple. When someone gets access to your administration page, they can (depending on whether you’ve changed permissions on the plugin directory or not) change the plugin’s content, in this case Hello Dolly, and then use it to upload files. Trust me, this can be done. Happened yesterday to me. This is not a WordPress security issue, this is just us being dumb.

  • The topic ‘My site was hacked and host says Hello Dolly was Hacked’ is closed to new replies.
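
Added example, not part of the original thread: a log check for the pattern the replies describe, a POST sent directly to a plugin PHP file, correlated with an earlier POST to the plugin editor from the same IP. It assumes Apache combined log format and the stock paths /wp-admin/plugin-editor.php and /wp-content/plugins/hello.php; the sample lines and IP addresses are constructed.

```python
import re

# Constructed sample lines in Apache combined log format (not from the poster's server).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2011:13:55:01 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2011:13:56:12 +0000] "POST /wp-admin/plugin-editor.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2011:13:57:40 +0000] "POST /wp-content/plugins/hello.php HTTP/1.1" 200 15 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2011:14:02:03 +0000] "GET /wp-content/plugins/hello.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2011:14:05:09 +0000] "POST /wp-comments-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# client IP, timestamp, method, request path, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')
EDITOR_PATH = "/wp-admin/plugin-editor.php"   # assumed stock admin path
PLUGIN_PHP_RE = re.compile(r"^/wp-content/plugins/.*\.php$")


def find_suspicious(log_text):
    """Return direct POSTs to plugin PHP files, each annotated with any
    earlier plugin-editor POSTs made by the same client IP."""
    editor_posts = {}   # ip -> timestamps of POSTs to the plugin editor
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue    # skip lines that are not in the expected format
        ip, ts, method, target, status = m.groups()
        if method != "POST":
            continue
        path = target.split("?", 1)[0]   # ignore the query string
        if path == EDITOR_PATH:
            editor_posts.setdefault(ip, []).append(ts)
        elif PLUGIN_PHP_RE.match(path):
            findings.append({
                "ip": ip,
                "time": ts,
                "path": path,
                "status": int(status),
                "editor_posts_before": list(editor_posts.get(ip, [])),
            })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious(SAMPLE_LOG):
        print(finding)
```

A finding with a non-empty editor_posts_before list points at a compromised admin login rather than a flaw in the plugin, which means changing passwords and restoring the plugin file from a clean copy.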