WordPress 2.5 hacked – need help to stop hacker from returning
I got hacked the night before last (http://mediationchannel.com). I found out about it when a reader contacted me to say he couldn’t access my blog. Instead, he got the wp-admin/install.php page. When I checked myself, sure enough, I found the same issue. I couldn’t even access my own admin page.
First I thought it was a problem associated with upgrading to WordPress 2.5 over the weekend. But then I got an unpleasant surprise.
I went into my SQL database and discovered that my wp_options table had crashed. I repaired it using phpadmin, and was then able to gain access to my site. On a hunch, I checked my wp_users table and discovered that someone the previous night had broken into my WordPress admin, created himself a user account, and set himself up as admin. Then he evidently destroyed the wp_options table.
As best I can tell, there’s no other damage to the site, although the pages all turned into posts after I repaired the wp_options table, which I had to fix. The problem though is that I’m worried this guy might come back and do worse damage, and I have no way of knowing what other surprises he’s left for me. I’ve removed the hacker as a user, and I’ve changed passwords everywhere, both on the blog and on my web host’s cpanel. My web host has been most unhelpful in dealing with this (inmotionhosting.com).
What’s scary is that I thought I’d taken appropriate precautions, taking care with file permissions, passwords, updating plugins, you name it. I thought upgrading to 2.5 would protect me, but the hacker got in after the upgrade.
I’m not sure what else I can do. Could someone please tell me what else I need to do to protect myself? (Simple instructions please — I am still learning my way around WordPress!)
Thank you kindly in advance for any help you can offer!
- The topic ‘WordPress 2.5 hacked – need help to stop hacker from returning’ is closed to new replies.