Theme Hacked (5 posts)

  1. Milliways
    Posted 2 years ago #

    Last month I set up a WordPress installation on a shared server.

    I logged on today, to discover it had been hacked.

    I reset the salt, changed my password.

    I checked all the files, the only change to the site seems to have been the replacement of header.php in the twentyeleven theme.
    I restored the original and the site now looks OK.
    I am still trying to learn WordPress, and am developing the site.
    It only has 2 registered users with reasonably strong passwords.

    Does anyone have any idea how this may have happened?
    Is there any inherent weakness in WordPress?
    This has not exactly filled me with confidence.

    I have not had any other problems, apart from attempts to post spam on my Bulletin Board.

  2. Pioneer Web Design
    Posted 2 years ago #

    Site link?

  3. Milliways
    Posted 2 years ago #


  4. Pioneer Web Design
    Posted 2 years ago #

    Consider a more secure hosting environment


  5. The Hack Repair Guy
    Posted 2 years ago #

    WordPress as it goes is quite secure.
    Most folks I end up assisting with their hacked sites are resultant from:
    1. stolen FTP or Dashboard password.
    2. Outdated WordPress, plugins or themes.
    3. Compromised web host (very uncommon but I've seen a couple this year).

    That said, locating a web host who does daily malware scanning is a good start (that is, if you are interested in getting hacked less often).

Topic Closed

This topic has been closed to new replies.

About this Topic