WordPress.org

Forums

Site hacked with Untitled posts (10 posts)

  1. WP Monkey
    Member
    Posted 3 years ago #

    I think our site has been hacked, since a couple of times a day posts titled "Untitled_9" or "Untitled_10" show up on the site. They do not have correct IDs and dates in the database, and they look to be created by users who were not logged into the site that day. We keep deleting them and have done a lot to try to stop them, but they keep coming back.

    I'm worried that this is the first step in a hack and this business site could go down and effect my client. Anyone else see this?

  2. thisisandymoore
    Member
    Posted 3 years ago #

    Do you have anything to stop hacking on your site? There are various systems you can buy at reasonable cost.

    If you are interested in some, please let me know...

    I have a couple in mind that seem very effective.

    Best Wishes

    Andy Moore

  3. WP Monkey
    Member
    Posted 3 years ago #

    I found the following in our .htaccess file:

    AuthName "<sitename>"
        AuthUserFile "/home3/timbero8/.htpasswds/public_html/<sitename>/passwd"

    For this forum I replaced our actual sitename with <sitename>.

    I deleted these lines but also noticed that this code was repeated twice in the .htaccess file as well:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress

    Should I delete the second one as well?

  4. WP Monkey
    Member
    Posted 2 years ago #

    Has anyone else seen this? I have 2 sites where this is happening, at least once a day an Untitled post is being created, and not by a live person. I have firewalls and file monitors in place, plus a number of other safety precautions... but they are still there.

  5. kmessinger
    Forum Moderator
    Posted 2 years ago #

    Which sites?

  6. TylerPEI
    Member
    Posted 2 years ago #

    Hello,

    I am having the same issue. I have check file permissions and my htaccess file and everything seems fine.

    Once a day, I have one of my admin level users post a untitled draft post that is blank. He did not do this and I have changed his password to the site.

    Please let me know if you solved this, it is a business site as well and I do not want it to be hacked.

  7. TylerPEI
    Member
    Posted 2 years ago #

    Hello,

    I am having the same issue. I have check file permissions and my htaccess file and everything seems fine.

    Once a day, I have one of my admin level users post a untitled draft post that is blank. He did not do this and I have changed his password to the site.

    Please let me know if you solved this, it is a business site as well and I do not want it to be hacked.

  8. TylerPEI
    Member
    Posted 2 years ago #

    asappm.com

  9. WP Monkey
    Member
    Posted 2 years ago #

    Look very carefully at what other processes are firing off at the same time as the Untitled posts are being created.

    I found that it was coming from a form we had created using Gravity Forms and a post field had mistakenly been added to the form. Post fields mean that posts will be create when the form is submitted. User error, whoops.

  10. TylerPEI
    Member
    Posted 2 years ago #

    I was thinking it was something along the same lines but do you know how I can check where the post comes from or what fires off at the same time?

    I been removing plugins and anything I can think of ... I been trying so many things with the website that I am not sure what it is.

    I also use Gravity Forms but not to post.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags