Support » Plugin: WordPress MU Domain Mapping » [Plugin: WordPress MU Domain Mapping] Domain Mapping plug-in being hacked by Indonesian hackers

  • Hey everyone,

    I have a WordPress site that’s been hacked twice now through sunrise.php and domain-mapping.php. There is a security exploit somewhere. Both times I’ve been hacked, I’ve had to clean up the top level directory of files placed by the hacker and update to a clean install of WordPress. I kept on trying to figure out why that wouldn’t clear out the hack, then I replaced sunrise.php and domain-mapping.php and the hack disappeared.

    Unfortunately, I overwrote the files without saving them down to look at them, but I know that that hack disappeared once I overwrote those files with new ones.

    Someone needs to look into this asap. I’m not sure if it’s an exploit in domain mapping or somewhere else, but that’s what I’ve been experiencing, so it should be something that someone looks into for sure.

    Tony Zeoli

    http://wordpress.org/extend/plugins/wordpress-mu-domain-mapping/

Viewing 1 replies (of 1 total)
  • Plugin Author Ron Rennick

    (@wpmuguru)

    Just because that was the file that had the extra code doesn’t mean that is the file/method they used to gain access.

    The hacker was probably using that file because it’s one people might not think to check.

    My first recommendation would be to change all of the passwords you can. (Depending on your hosting you may not be able to change your DB password.) And, when you change them, don’t use the same password twice.

Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: WordPress MU Domain Mapping] Domain Mapping plug-in being hacked by Indonesian hackers’ is closed to new replies.