• Hi all, I am having a serious problem. My Blog https://www.marcoandelle.com is being hacked on a daily basis by the above mentioned KSA_Hackers who obviously have nothing better to do with their time.

    I have upgraded to the new version of WordPress in hope of fixing it but it seems every morning I fix the site and by the evening it has been hacked again. Any help would really be appreciated . Thanks so much.

    Elle

    https://www.marcoandelle.com

Viewing 3 replies - 1 through 3 (of 3 total)
  • theposterpreviouslyknownas

    (@theposterpreviouslyknownas)

    im willing to help you, but it will need to be via instant messenger.

    So you know who I am >>>
    https://www.ads-software.com/support/profile/7432

    This is my “alter-ego” that askimutt has NOT decided to hate YET.

    I would definitely need to know a few things first though:

    1. According to Google, you’re also running Gallery. Were any of it’s pages defaced?

    2. Whats the LAST version of WordPress you installed?

    3. What are the permissions of your wp-theme folder and the files within? your wp-config.php, your wp-content folder?

    4. Do you have access to your server logs?

    5. Are you willing to give ME ftp access to your site AND let me look at your server logs?

    I dont fool around, and while I can tell you what to do via email or Instant Messenger, it’s MUCH easier if I can see for myself what permissions, etc.. server logs, etc..

    .. If all that works for you, email me at whoo -(at)- village-idiot.org. I cant guarantee it wont happen again, but I’ll do everything I can to help YOU to try to make sure it doesnt.

    If thats not feasable. >>>>

    1. Your permissions are VERY important. WP and a good deal of ppl on this forum “suggest” opening up those permissions for uploading, backing up, etc.. Unfortunately, that looseness opens up other things also.

    Directories OUGHT to be 755.
    Files OUGHT to be 644

    Your .htaccess, IF you have one, OUGHT to be 644. It should NEVER be left world writable. Ever. regardless of what ANYONE else says.

    2. Change your passwords. ALL of them. ftp/mysql/wordpress admin. Any others? Change them also.

    3. About Gallery. It has its own host of problems that are well documented. Make SURE you are running the most current version of it. Even if your gallery was left untouched, doesnt mean thats not how they got in. Your site is on zone-h so someone is making a name for themselves and front pages are always better.

    4. Change your Gallery passwords.

    5. LOOK at your server logs, they have answers.

    theposterpreviouslyknownas

    (@theposterpreviouslyknownas)

    Additionally, gallery requires loosening of permissions.

    Honestly, to be “safe” those of you that use these backends of apps to upload are wide open to more than you realize, and you are MUCH better off, uploading images, files, etc.. the good old fashioned way : via FTP.

    You may want to put index files in your directories as I was able to access many of them.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Hacked by ZooZ Selfish Girl! SOS!’ is closed to new replies.