site hacked

  • danwdude

    (@danwdude)


    15 years, 7 months ago

    My wp site is hacked by someone called Halem, it says hacked by halem and some music.

    Below file was hacked, i changed the permissions to 444 to this file before it was 644. How can i rpevent it being hacked again? any specific steps to follow to secure WP installation?

    /wp-content/themes/twentyten/functions.php

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator James Huff

    (@macmanx)

    15 years, 7 months ago

    Well, first of all, download WordPress again and delete then replace the file with a fresh copy, if you haven’t done so already.

    Unfortunately, 644 is as restrictive as you can get when concerning write privileges. Anything less will only restrict read privileges, which you really don’t want to do with a live file.

    This type of hack tends to happen on poorly secured shared servers. All it takes is for an attacker to compromise one account on the server, or even simply sign up for an account himself, and then he’ll be able to write to every single file on the server regardless of who it “belongs” to.

    I recommend that you report the hack to your hosting provider. If they refuse to do anything about it, it may be time to find a hosting provider that takes server security more seriously.

    webjunk

    (@webjunk)

    15 years, 7 months ago

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://codex.wordpress.org/Hardening_WordPress

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘site hacked’ is closed to new replies.