WordPress sites hacked twice in a week, days after upgrading WordPress (4 posts)

  1. dsgnr
    Posted 2 years ago #

    Hi everyone.

    Are there any known security issues with the new version of WordPress? I have never been hacked before and I have just been done. This the second time in the same week and I don't know whether its coincidental that it's only a few days after I've upgraded to 3.5.1 or whether there are some vulnerabilities in it.

    Both hacks have occurred in different places. The first one (on Tuesday) was just a case of over-writing the core index.php page with a not nice one, on all WordPress sites associated with my hosting account and a static HTML only website.

    This second one, which happened an hour ago was a different. Replaced the index.php file in the main Themes folder in WP-content and the index.php file within WP-content. This one left comments leading to a hacking tool called GRITTY. looks like some sort of script to get certain information.

    I'd gone through all the codex tools etc about my WordPress site being hacked but somehow they are getting in and I didn't plan on spending my Saturday afternoon repairing websites! If anyone can give any help or advise that would be great.

    Thanks in advance

  2. Luis Abarca
    Posted 2 years ago #

    Reinstall from a clean copy of WordPress, maybe they uploaded a script to your wp-content and can get acces later.

    Add a .htacces to your wp-content folder with this content

    php_flag engine off

    That way if they upload a script with .jpg.php they can not run the shell anymore.

  3. kmessinger
    Volunteer Moderator
    Posted 2 years ago #

  4. The Hack Repair Guy
    Posted 2 years ago #

    More often than not, the hacker will leave behind a collection of back door scripts.

    So no matter of installations or upgrades will prevent them from re-hacking your site.

    So generally you have the choice of noting what is installed then reinstalling all again from scratch (deleting contents of your website first), which can be problematic to say the least; or having someone go through every file to fish out the back doors and clean up your code.

Topic Closed

This topic has been closed to new replies.

About this Topic