Blog Possible Hacked – Server Process Permanent

Hey,

Last night I had issued with file permissions and fixed it today. Just before my hosting told me there is a constant process on the server from one of my scripts. It was found using server error information to be wordpress.

I’ll paste the details below but I would really like any help fixing this or preventing it again because my hosting have put my whole domain offline until it is resolved.

I’m close to just deleting the blog however I want to know what could cause and prevent it.

Another thing, could copying and pasting an email into a post cause this? Is there anything that may be in an email to trigger something in the file mentioned below.

Thanks

Thank you for contacting us.

It means that there is a script on your site which is permanently running.

Here is the system information regarding the permanent process,

Daemon: 19694 webtechglobal.co.uk “php5-cli” (/usr/bin/php5-cli) (188 s)
(/usr/bin/php5-cli wp-cron.php )

webtechglobal.co.uk 80.192.50.127 – – [18/Mar/2009:12:22:19 +0000] “POST /blog/wp-login.php HTTP/1.1” 200 2279 “https://webtechglobal.co.uk/blog/wp-login.php” “Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7”
webtechglobal.co.uk 80.192.50.127 – – [18/Mar/2009:12:23:41 +0000] “POST /blog/wp-login.php HTTP/1.1” 200 2103 “https://www.webtechglobal.co.uk/blog/wp-login.php” “Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7”

it appears to be a process on wp-cron.php once you have removed the permanent process on your site let me know and I will re-enable scripting for you.

I hope this helps.