WordPress.org

Support

Support » Miscellaneous » Recent Security Issues For WordPress – Is My Site Clean ???

Recent Security Issues For WordPress – Is My Site Clean ???

  • kilpatrick

    @kilpatrick

    I recently had the problem so many wordpress users have had over the past few weeks. My sites (Five sites) were all breached. The permalink structure was changed resulting in the pages/posts not showing.

    Before I even realised this was a hacking attempt I just changed the permalink structure to what it was originally (I did this over a week ago). Since that time everything has worked right on all my sites.

    So am I clean ?? was this hacker able to do anything other than change my permalink structure. Should I be worried about the return of the problem ? and what sort of things should I be looking out for ??

Viewing 1 replies (of 1 total)
  • Wild guess is no, it’s not clean.

    http://wordpress.org/support/topic/307660
    Look at the links there for further info

    If it was the eval/base64decode worm, the reported symptoms are that it creates a new admin user for itself, injects spam/hidden code into old posts and modifies a file involved in building permalinks, and possibly another as well. Follow the instructions in the links above and clean house.

    If you’re running the latest version of WordPress, 2.8.4 (or 2.8.3), you should be safe if you clean your install properly and upgrade.

Viewing 1 replies (of 1 total)
  • The topic ‘Recent Security Issues For WordPress – Is My Site Clean ???’ is closed to new replies.