Title: Themes getting hacked
Last modified: August 21, 2016

---

# Themes getting hacked

 *  Resolved [Martin.Harper](https://wordpress.org/support/users/martinharper/)
 * (@martinharper)
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/)
 * Hello,
 * I maintain several blogs for my company and I have noticed that some of the very
   popular blogs are getting hacked again and again.. The hacker is able to change
   the admin user and its password into the database and when I log into the wp-
   admin after resetting it I see that it is only the theme that is getting hacked(
   not completely sure).
 * I have remove those blocks from internet for now as I do not want search engines
   to affect its ranking. I want to know how to trouble shoot this..? Would themes
   are recommend by WP..?
 * Thank you for the help.
 * Regards,
    Martin.

Viewing 5 replies - 1 through 5 (of 5 total)

 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3703845)
 * Have you gone through these resources:
    [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * ?
 *  [WPyogi](https://wordpress.org/support/users/wpyogi/)
 * (@wpyogi)
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3703846)
 * See also:
 * [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 * [http://codex.wordpress.org/Brute_Force_Attacks](http://codex.wordpress.org/Brute_Force_Attacks)
 *  Thread Starter [Martin.Harper](https://wordpress.org/support/users/martinharper/)
 * (@martinharper)
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3703881)
 * Thank you for your quick response poeple, this is highly appreciated.
 * yes, I have read most of those but the sites get defaced event after I restore
   the entire installation from good backups. I suspect the themes that I am using
   are vulnerable (different every time).
 * I want to know if there is a list of recommended themes or if not I am ready 
   to switch all my blogs to default WP themes. Can you guys ensure that they are
   safe.
 * I am also taking to one of my friends and he has suggest to restrict the admin
   directory with .htaccess so that only certain IPs are able to access the admin
   area. Do you guys recommend this..?
 * Thanks,
    Martin
 *  [Chip Bennett](https://wordpress.org/support/users/chipbennett/)
 * (@chipbennett)
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3703977)
 * More than likely, the attack vector is something other than WordPress itself,
   or your Theme.
 * Most often, the issue is an insecure hosting environment. Next most likely is
   compromised FTP credentials (possibly related to a local-machine virus).
 * After that, it is possible that a Plugin is the issue. What Plugins do you have
   active? (Two major caching Plugins recently had security vulnerabilities patched.)
 * As for safe Themes: get them from the official Theme directory:
    [http://wordpress.org/extend/themes](http://wordpress.org/extend/themes)
 * They are all human-tested for, among other things, security issues.
 *  Thread Starter [Martin.Harper](https://wordpress.org/support/users/martinharper/)
 * (@martinharper)
 * [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3704053)
 * Thanks Chip, I can confirm that:
 * — WP version is latest and updated on all hacked blogs.
    — It is not FTP as it
   is restricted have also checked logs. — It cannot be my hosting because all the
   software are regularly updated and I, myself ensure that the permissions are 
   correct. — My local machine has professional Anti Virus and is regularly updated.
   I also doubt that it is my machine because I have firewalls / IDS in my network
   and as I said only few blogs were affected, rest were OK. I expect even other
   blogs to get compromised if it was my local machine.
 * Regarding plugins, I have “All In One SEO Pack”, “Artiss Social Bookmarks”, “
   WordPress SEO” and “WP Social Bookmarking Light” installed & up to date but I
   have only “WordPress SEO” active.
 * On recommendation of one of my friends I have removed all Themes and have switched
   to Default WP Theme (New One) and have also restricted admin directory to certain
   IPs. Lets hope that this works.
 * Regards,
    Martin

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Themes getting hacked’ is closed to new replies.

 * 5 replies
 * 4 participants
 * Last reply from: [Martin.Harper](https://wordpress.org/support/users/martinharper/)
 * Last activity: [13 years ago](https://wordpress.org/support/topic/themes-getting-hacked/#post-3704053)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics