WordPress.org

Forums

Seriosu security issue (5 posts)

  1. AmaZulu
    Member
    Posted 7 years ago #

    Awoke I this morning to the gloomy realisation that some Ukrainian aholes have hacked my WordPress site.

    I don't know how they did this, but I can't get into my admin area and I can't seem to find the installation in my host's Fantastico panel. It's disappeared.

    This is a huge concern for me because I thought I had finally found a CMS that I could work with safely. I'm not all that clued up on networking and security so I would really appreciate some assistance.

    I'm not going to post my URL here (for fear of further hacks) but I can say that when I type it in I am getting this error:

    Warning: Cannot modify header information - headers already sent by (output started at /home/XXXXX/public_html/XXXXX/cms/index.php:11) in /home/XXXXX/public_html/XXXXX/cms/wp-includes/functions.php on line 1450
    Error establishing a database connection

    The browser is also trying to get info from the following place: http://ccfelomvhk.com but timing out.

    How did this happen? How can I fix it & how can I prevent it from happening again?

  2. rlparker
    Member
    Posted 7 years ago #

    What version of Wordress was your site using? It's an "arms race" kind of situation at work here:

    The popularity of WordPress, and the *huge* number of blogs running it, makes it extremely attractive to black-hat vandals. The WordPress community generally reacts very quickly to a reported exploit, and releases updated code to close the hole, but many users *do not upgrade*, and therefore continue to run blogs with code that has known weakness for these guys to attack.

    You *must* stay on top of the upgrade process to minimize the risk of your site being exploited.

  3. AmaZulu
    Member
    Posted 7 years ago #

    I was running 2.3.3 (I think?). It was the version just before 2.5 that came out about a week after I installed.

    Thankfully I didn't have too much data in there but it pains me to have to start again. At least my theme modifications I have backed up, so that was my main "investment".

    They also got into my Coppermine installation and screwed that up beyond recognition.

    Has anyone else had break-ins with 2.3.3? What do I need to do to try and restore it?

  4. whooami
    Member
    Posted 7 years ago #

    it was your coppermine install that was prolly the source of the problem. if you search ....

    http://www.google.com/search?hl=en&q=ccfelomvhk.com+coppermine&btnG=Google+Search

    This is a huge concern for me because I thought I had finally found a CMS...

    did you do *any* research before jumping on the "my wp has been hacked" bandwagon? Its hard enough to deal with legitimate WP problems, we dont need coppermine's as well.

  5. AmaZulu
    Member
    Posted 7 years ago #

    Yes, I did. I immediately thought it might be Coppermine because I have been getting a lot of reggies on there recently that were trying to post spam.

    However, if it was Coppermine, how did it manage to screw up my WP installation? What am I not understanding?

    Please realise that not everybody is a web developer. We use this Open Source stuff because we can't develop it on our own.

Topic Closed

This topic has been closed to new replies.

About this Topic