I haven’t updated to WordPress 2.8.6 yet… could this be the problem?
depends on the version you’re running.
Maybe you have been own3d?
Peter
1) "webadmin.php" shows up on the top
Do you mean that going to the homepage you get redirected there?
On that note, WordPress doesn’t even have a webadmin.php file…
Prior to making that last post, had you installed any new widgets or done anything differently? Normally, I will change one thing at a time and then make certain that my site is okay before moving on. I’m not familiar with Tranquility, but does it use jQuery? If so, there could also be a conflict between jQuery and a widget.
Hope this helps.
Thanks for the replies.. If it helps at all to take a look at my blog, it’s: otminteriors.com/wordpress/
pboosten – I’m running WP 2.5.1. What do you mean by owned? Hacked?
geraldyeo – no redirection, just the text “webadmin.php” and a box that looks like a search box.
Kellymar – I hadn’t installed anything new. I downloaded WP 2.8.6 to my laptop, but didn’t install it. And sorry, don’t know what jQuery is. I’m not a techie, so I’m not up on all the software, etc.
Any other thoughts?
I’m running WP 2.5.1. What do you mean by owned? Hacked?
Yes, that’s exactly what I mean, and likely, since WordPress had lots of vulnerabilities since your version.
Peter
Thanks, Peter. So what do I do? Is there any way to restore my blog? It appears the texts to my posts are still intact, as are the links to the images…
If it’s too long/difficult to respond, is there someplace on this forum or in Codex that you can point me to?
Many thanks,
Sheila
http://codex.wordpress.org/FAQ_My_site_was_hacked
will get you through everything, if you do everything recommended there
Thanks, RVoodoo. Just checked your recommended link. Looks like it’ll be a pretty time-consuming endeavor, so I’ll plan to work on it tomorrow..
BTW, I’m wondering.. The past few weeks, every time a write a post, I get an almost immediate comment from the same source with the same comment. (Comments need to be approved by me, and people who aren’t registered users aren’t supposed to be able to comment at all.) Could this be the “hacker”?
yes it could be, pretty much, once your WP install is compromised, hackers/spammers have an open door to do whatever they wish. It will most likely be a time consuming endeavor. And unless you are complete and thorough, problems will continue to pop up.
Just a piece of advice from someone who’se dealt with it.
Thanks, again. I’m actually considering hiring someone to take care of this for me. I’m in Boston, so there’s no shortage of students and/or unemployed people who I’m sure can do this much more quickly and thoroughly than I could.
Aaarrrrggghhh!!!
Webadmin.php is a tool that gives anyone using it unfettered access to the entire filesystem on any *nix server. It will climb to the very root (/) and will gladly allow its user to view, edit, and delete files wherever permissions allow.
You have been hacked by some other user on your shared hosting machine. Oddly enough, the hacker left a note behind telling you what tool he used.
Google “webadmin.php” and you will find it readily available for download. At the same time you’ll probably spot a few sites hacked like yours — with the webadmin branding inserted at random points in the body. I found one site that when I clicked on it webadmin opened as the site’s front page, thus giving any surfer passing by access to every user account on that filesystem.
The same happened to me a few years ago, and I’ll tell you, I learned everything I could about securing my website and my WordPress as quickly as I could. Ultimately, I moved to another host and started fresh. I’m sorry it happens. It’s like coming home to find that burglars have torn up your home. You feel violated. I know about that, too.
