WordPress.org

Forums

Possibly got hacked? (5 posts)

  1. SmalliSax
    Member
    Posted 1 year ago #

    I am starting to get the feeling that my wordpress site got hacked recently.

    It was running on a very old WordPress version which I am not really sure which one unfortunately but when I was to enter the site one day it is completely blank.

    It does not work to put /wp-admin at the end to login either. I get a blank screen.

    If I try using /wp-login.php I get this error:

    Parse error: syntax error, unexpected '}' in /var/www/www.mysite.com/www/wp-login.php on line 144

    If I look at this line on my FTP server in the wp-login.php I get an exclamation mark in my editor and the line starts like this:

    try{document.getElementById('<?php eval(base64_decode("ZXJyb3JfcmVwb3J0aW5nKDApOyBpZiAoIWhlYWRlcn ....

    The key is very long, but from what I have been searching on these forums, people are pointing out that it might been hacked. I just haven't found any solution to it yet.

    Can you guys help me out figure what the problem is ? I've checked with my host and it's up and running, so it's not suspended or anything.

    If you need more information please let me know!

    Thanks!

  2. Dave Naylor
    Member
    Posted 1 year ago #

  3. SmalliSax
    Member
    Posted 1 year ago #

    Hey WPRanger,

    Thank you so much for all these information. I found out that it had been compromised by echoing the base64 code in my browser and seeing it was redirecting to a suspicious webpage.

    I didnt have much things on my website when it got hacked, would it be alright just to make a clean install of newest wordpress through my FTP ?

  4. Dave Naylor
    Member
    Posted 1 year ago #

    If you do a fresh install with a new database then at least you'll know the site is clean. However, you need to find out how your site was compromised in the first place. If you don't, the attacker could just walk back in again.

  5. SmalliSax
    Member
    Posted 1 year ago #

    That's true, but the fact is that I really dont have the time to clean up the old one because we are doing a relaunch on the new one in a short time schedule.

    I want to say that it might have been because there were no security plugins and it was very old WordPress site.

    I just went ahead and did a fresh install of the newest version and I am grabbing some security plugins to be safe in the future.

    Thanks for your time on this matter though!

Topic Closed

This topic has been closed to new replies.

About this Topic