My wordpress was owned :(

  • Im a bit of a newbie in terms of CMS and around 3-4 months ago installed wordpress just as a kind of place to put my development notes in a organised way.

    I got an email today to say my website is being used to phish and although im pretty clueless on this, the link didnt look good and i wouldnt recommend clicking on it but:

    https://www.the-outsider.org/wp-content/uploads/webscrcmd=_login-don/webscrcmd=_login-done&login_access=1190737782.htm

    As soon as it was brought to my attention i tried to find out whats wrong and there is a folder in my wp-content/uploads folder called

    webscrcmd=_login-don

    So rude.

    Anyways i cant delete it in ftp as i dont have access apparently. CMOD 775 is what the suspected folder is.

    My upload folder is CMOD 757 which i just this second realised and seems wrong to have public write… however like i say, i dont really know what it means and i already have enough headaches for this week without breaking my site.

    None the less, the main problem is that im pretty sure my personal domain is going to go down in phishing history and as a wannabe junior as3 developer its the very very last thing i want. “Hi employ me, my domain is listed all over the place as a phishing site…. i dont really know what that is mind you…” Its a terrible pitch for a job.

    Im not sure what to do, or why this happened and im at this very moment trying to reach a deadline with a technical task for a job interview and researching this from scratch just is not viable yet.

    So as a favour, id appreciate a hand. If you could point out some search terms for me, a brief explaination of what this is, why it happened, how to prevent it from happening or how to get rid of it then id really appreciate the heads up.

    Cheers all

Viewing 6 replies - 1 through 6 (of 6 total)

  • If you don’t have a lot of stuff on the blog and could easily replace it, you could completely uninstall WP and delete all your databases and start fresh.

    Unfortunately, I don’t have any solutions to fix it as is.

    Thread Starter ronson49

    (@ronson49)

    Ahh your right.

    Im just going to start a-fresh.

    Cheers.

    I hope everything gets fixed for you!

    Thread Starter ronson49

    (@ronson49)

    Nope ??

    I cant delete the wp-content folder from ftp or phpmyadmin file manager. Somethings pretty badly messed up. In phpmyadmin, the file acts likes it deleted and then when i refesh the page its still there.

    Generally speaking, is there a way to just flatten the entire domain to a default state? Can this be done?

    Talk about bad timing!

    You could talk to your hosting provider by sending a ticket and seeing if they can go in and delete everything and reset your hosting.

    phpmyadmin is not a file manager, its a web app for accessing MySQL.

    wherever you are, youre not there, if youre trying to dele a file.

    Contact your host if you cant delete stuff – thats what theyre for.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘My wordpress was owned :(’ is closed to new replies.

Tags