My website was recently hacked and I had a hard time figuring things out, but here’s what I’ve done. (not sure if this will prevent it from happening again…)
First I tried to re-install WP. That didn’t work because the access had been denied.
I tried using FTP to delete the WP files and folders. Access was denied again.
Finally I changed the permissions to 755 – fortunately this allowed me to delete all of the old WP files/folders.
I noticed that the ‘.htaccess’ file had been changed – I deleted the offending code and saved the new file.
Now, I’m pretty sure that the permissions are set to 755/folders and 644/files.
Is there any other loopholes that still exist in 3.0?
- The topic ‘Site attacked with WordPress 3.0’ is closed to new replies.