Getting Hacked and Angry About It

  • whoisdialogue

    (@whoisdialogue)


    17 years ago

    Roughly a week ago my site began to be hacked by what I assume is a spambot of somekind. It’s using an SQL insert or flaw to add really nasty porn spam to whatever post is currently at the top of the page.

    A friend is my site’s network administrator, and we’ve worked for the past week to clamp down on this. I’ve reinstalled WordPress twice, stripped out all the themes and plugins I had, changed every password I could think of – he’s been watching packets, etc etc … neither of us can get this to stop.

    My assumption now has to be that there is an unpatched vulnerability in WordPress that is being used to do this. Does anyone have any further suggestions/ideas on how to deal with this?

Viewing 2 replies - 1 through 2 (of 2 total)
  • whooami

    (@whooami)

    You dont mention logs .. have you looked at the logs?

    A MySQL insert thats called by a browser or more likely a script is going to be fairly easy to spot in the logs.

    whooami

    (@whooami)

    Im also going to point out something.. and while this may or may not have anything to do with what you are experiencing, it’s worth bringing up.

    I dont know your current host by any standard; maybe you think they are great. However, your site is hosted on box that is running Apache 2.0.52

    Do you have any idea how old that is?

    2004.

    Your PHP version?

    4.3.9

    How old?

    2004.

    BOTH have security issues.

    Tell your friend, the network admin, to spend a little less time watching packets, and a little more time updating the packages on that CentOS box.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Getting Hacked and Angry About It’ is closed to new replies.

Tags