Support » Fixing WordPress » My site was hacked? What to do?

  • Hey all…this is my first time on the forums. My site, which uses wordpress, was hacked. It seems like the only thing that was the hackers did was change the name and tagline of the blog so that the message of presence was there for me to see. So I changed those back…but what should I do to make sure that nothing is missing and everything else is alright? Should I change my admin password or is it possibly not comprimised? What can I do to prevent this from happening again? Thanks for any help.

Viewing 11 replies - 1 through 11 (of 11 total)
  • Hardening_WordPress might help you.

    ya know, how about you UPGRADE your widely exploitable wordpress install, for starters??

    You are using 2.0.4

    There’s a fistful of exploits available via Google for your blog.

    That or you can just continue doing nothing. After all, all they did was change the name and tagline. Hell that aint so bad. 🙂

    What worries me is that there are so many people running ancient versions of WP. Mark Shuttleworth, for example, still runs 2.0.4.

    jeremy,

    I gave up, worrying. I figure that if ppl are too lazy, or too dumb, or too ‘whatever’ to take care of their sites — what do I care 🙂

    I use every security tool available – I keep my site current – I’m the fricken fort knox of web sites – i mitigate my own risk and am confident in my own site’s security. P**s on the rest.
    As Marie A. might have said:

    “let em eat cake”

    On a lighter note, I put together a short mandate on how hosts ought to just shut down the sites of ppl that choose not to be responsible web masters. I actually got a reply from Tim Dorr of ASO — it didnt fly too well with him 😛

    How do you find out your version of wordpress you are running? (I didnt install it)

    Thanks Paul

    you “view the source” using your browser: . unless youve removed it somewhere around line 6 of any page:

    <meta name="generator" content="WordPress x.x.x" /> <!-- leave this for stats please -->

    You can also see it in the feed source.

    And its at the bottom of ALL the pages in the adminstration
    area.

    Who woulda thunk?

    You never looked around in your own admin panel? It is in the footer of every page in the admin…

    My admin has changed the php files my dashboard page is empty, whilst looking at the source i found out i am running 1.5.1.3. Really old, no wonder none of the plugins work. Thanks for the info.

    Paul

    audurz

    (@audurz)

    My site got hacked, I see after reading this thread I need to take better care of my security- and I will from now on.
    BUT- what do I do with my site now? Is it ruined?
    Is there some way I can find out what they did and erase it??

    PLEASE HELP ME!

    Audurz,

    Change your password, make sure nothing is missing, ensure there are no new administrator accounts within the wordpress user settings pages, and then i’d recommend Firewall Script

    All the best

    Andy

    Audurz,
    you have an hidden user in your users-table.
    Y find his in your blog.
    Read my write in this post:
    http://wordpress.org/support/topic/168964?replies=25
    You have this problem.
    Ciauuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuz
    Mau

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘My site was hacked? What to do?’ is closed to new replies.