Title: WordPress Hacked Last modified: August 18, 2016 --- # WordPress Hacked * [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/) * Hi, * I am having a little problem. Someone is targetting my sites and is managing to insert code into my wordpress templates damaging my sites. I dont know if its wordpress or how they are managing it. Any ideas would be useful ? * Thanks! Viewing 15 replies - 1 through 15 (of 17 total) 1 [2](https://wordpress.org/support/topic/wordpress-hacked/page/2/?output_format=md) [→](https://wordpress.org/support/topic/wordpress-hacked/page/2/?output_format=md) * [whooami](https://wordpress.org/support/users/whooami/) * (@whooami) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331810) * 1. wordpress version would help 2. you used “sites”.. is wp running all all the sites, or some, all the same versions, or not. 3. what else is being used on the sites(s) * — * if you are using the reccommended method of having theme files world-writable, youre inviting disaster. Thats very very insecure, regardless of what the answers to the above questions happen to be. * think about it : world-writable. it means exactly what it says. Ive gone on and on about this, “no-one” cares. * [vkaryl](https://wordpress.org/support/users/vkaryl/) * (@vkaryl) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331832) * whooami, I care. But I don’t count…. * [whooami](https://wordpress.org/support/users/whooami/) * (@whooami) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331835) * its all in the quotes I used 😛 * [kennethwsmith](https://wordpress.org/support/users/kennethwsmith/) * (@kennethwsmith) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331839) * Also, are you using phpGedView? The old version of phpGedView allows hackers to access EVERYTHING on your server. Upgrade or remove it until the 4.01 version comes out. That was what got me. They messed up my Joomla install, so I decided to go to WP, and then they started messing with WP. I finally figured out it wasnt Joomla or WP, but phpGedView. Good luck, it drove me nuts for weeks! * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331843) * 1. wordpress version would help * Ah, both are 1.5.2 * 2. you used “sites”.. is wp running all all the sites, or some, all the same versions, or not. * The 2 that I have noticed so far are 1.52 * 3. what else is being used on the sites(s) No other cms or anything much. * — * if you are using the reccommended method of having theme files world-writable, youre inviting disaster. Thats very very insecure, regardless of what the answers to the above questions happen to be. * think about it : world-writable. it means exactly what it says. Ive gone on and on about this, “no-one” cares. * This could be the whole problem, I assumed that it wouldnt make a difference leaving them 666 or similar – most people I spoke to said the same thing. Though I never understood why it could be ok – the file is writable (but not being a tech doesnt help really) * I am locking it all down 🙂 * Thanks for the quick, useful tips & quality responses. I honestly didnt even think anyone would bother answering. * I dont know what phpgedview is but if the other solutions dont solve the problem then Ill look into that. * Thanks again & Ill come back with an update.. any idea how I find the culprits now ? * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331845) * 1.5.2 has no known exploits. * 1. Who is your host ? 2. Make sure that EVERY file has permissions of 644 at most for now. * 3. Ask your host / look in their forums for similar incidents. If you do ask them they will say it’s a WP fault – which it is not. It’s probably a shared server exploit. If your host fobs you off, look elsewhere. * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331848) * I have just 644 everything and now its messed. * I get this error message: Warning: main(/home/xxx/public_html/wp-includes/wp- db.php): failed to open stream: Permission denied in /home/xxx/public_html/wp- settings.php on line 59 * Fatal error: main(): Failed opening required ‘xxxx/public_html/wp-includes/wp- db.php’ (include_path=’.:/usr/lib/php:/usr/local/lib/php’) in /home/xxx/public_html/ wp-settings.php on line 59 * Any ideas? * I will be having words with my hosts on monday too anyway 🙂 * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331850) * That’s an odd error because all my files are 644 – so either the files in not there (you’ll need to check) or your host has set something very strange. * Who is your host ? * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331869) * [http://ukwebsolutionsdirect.co.uk/](http://ukwebsolutionsdirect.co.uk/) * It was working ok, before I changed the permissions (there were all different permissions set across the different files/ folders). * [davidchait](https://wordpress.org/support/users/davidchait/) * (@davidchait) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331875) * Don’t folders need to be 755 or something? (I thought files were one, folders were another? Anyone with firsthand knowledge?) * -d * [vkaryl](https://wordpress.org/support/users/vkaryl/) * (@vkaryl) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331878) * It’s generally folders 755, files 644, yes. * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331893) * ok, let me give that a try, thanks for your help * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331922) * Ok, that appears to have worked. Thanks everyone for your contributions! * [vkaryl](https://wordpress.org/support/users/vkaryl/) * (@vkaryl) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-331931) * Glad to hear it, hope things remain calm for you! * Thread Starter [davev](https://wordpress.org/support/users/davev/) * (@davev) * [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/#post-332239) * Fraid not, after fixing all the permissions they still managed to get their code in there. * 🙁 Viewing 15 replies - 1 through 15 (of 17 total) 1 [2](https://wordpress.org/support/topic/wordpress-hacked/page/2/?output_format=md) [→](https://wordpress.org/support/topic/wordpress-hacked/page/2/?output_format=md) The topic ‘WordPress Hacked’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 17 replies * 6 participants * Last reply from: [davev](https://wordpress.org/support/users/davev/) * Last activity: [20 years, 3 months ago](https://wordpress.org/support/topic/wordpress-hacked/page/2/#post-332241) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics