Upload Hacked | WordPress.org

SyCo123
(@syco123)

15 years, 2 months ago

I was using version 2.8.4 and noticed none of the images were showing in my posts. In the status there were numerous attempts to connect to a website g-oogl-e.com. I tracked this down to an .htaccess file that now exists in the uploads>YYYY>MM folder.

I’m unable to delete it (permissions issue) and have contacted my host to remove them. One exists in every month folder. I’m trying to work out how the files were put there. I’m presuming through the wordpress interface as none of the other folders in my website are affected by this.

Anyone heard of this or had any experience with it?

Viewing 3 replies - 1 through 3 (of 3 total)

esmi
(@esmi)

15 years, 2 months ago

Your site may well have been hacked.

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Thread Starter SyCo123
(@syco123)

15 years, 2 months ago

It was undoubtedly hacked, but how? How was a .htaccess file uploaded to an image directory? I can’t imagine an uploader allows that kind of file.

esmi
(@esmi)

15 years, 2 months ago

Once a hacker has access to the server s/he doesn’t need an uploader. They can run any scripts they want.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Upload Hacked’ is closed to new replies.

In: Fixing WordPress
3 replies
2 participants
Last reply from: esmi
Last activity: 15 years, 2 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics