Is My Blog Being Hacked??

  • Resolved skeezicks

    (@skeezicks)


    17 years, 5 months ago

    Several lines of javascript are being inserted into a couple of my posts in my blog. I delete those posts and create new ones, using the same-but-retyped text for the title and body of the post. The problem goes away, but some time later the javascript reappears. The latest reappearance includes a link to geocities.com. Can’t see it in the actual post because it is being hidden by a <display: none> in one case and a <noscript /> in another.

    I doublechecked the privileges in my site using Filezilla and they appear correct (775 for folders and I believe 644 for files). I also rechecked mySQL User table and it appears to be in order. Please see this screen.

    But poking around mySQL reveals another set of tables with privileges granted to usernames I don’t understand. Can somebody please take a look at this link and tell me if this might be an open door that could be hacked??

    The blog is at https://springvalleyhoa.org/blog and the posts in question are “Over the Back Fence” and “Tell It To The Board”. Note that neither of these have a footer or an Add Comment block. A couple of days ago they did.

Viewing 3 replies - 1 through 3 (of 3 total)

  • here is a direct link to one of the posts that you mention above:

    https://springvalleyhoa.org/blog/?p=5

    when I view your source, i see the following:

    https://pastebin.com/m372741d7

    at one line do you see a javascript that you are worried about? Line 126?

    Thats javascript thats being inserted by yahoo as far as I can tell?

    I also see a comment block, btw, as long as I block javascript.

    The users that you see in mysql? Yahoo again, and thats vaguely inferred by handy in the other thread you brought those up in:

    https://www.ads-software.com/support/topic/134694?replies=5

    Look at your wp-content/plugins/?

    https://springvalleyhoa.org/blog/wp-content/plugins/

    you have a host of plugins that look like they are are installed by yahoo.

    Yahoo specific plugins are discussed here:

    https://www.ads-software.com/support/topic/94124?replies=18

    as well.

    In short, the answer is no, your blog is not being hacked.

    Im going to make a firmly worded suggestion in light of this post though.

    You have indicated several time that yahoo will not update their cpanel install, and therefore you are running an older version. You’ve indicated that you don’t feel comfortable, feel you have the knowledge, etc.. to update your install manually.

    Thats great. Except that’s not good enough, when there are hundreds, if not thousands of ppl that might do that for you, if you asked. If not for free, then certainly, for money.

    I might be mistaken, but I believe I also replied to several questions you posed about other hosts.

    In other words, what Yahoo does or doesnt do, ought not to be of no consequence to you. While they might impede your ability to have a current version of WordPress — they arent stopping you – you are.

    You can upgrade your blog. You can have someone else upgrade your blog. You can do a manual install. You can have someone else do a manual install and import the posts that already exist within the install you have. You can even change hosts.

    Plenty of ppl change hosts and lose money doing it. Ive done it – it was worth it in the end.

    Or you can continue to start threads like this.

    The choice is yours.

    and here is some more info:

    https://creativeslice.com/2006/05/22/yahoo-hosting-wordpress/

    https://blog.alanguilan.com/2007/08/20/wordpress/379.html

    Thread Starter skeezicks

    (@skeezicks)

    whooami,

    Thank you for your help.

    Being retired, I don’t have a lot of money to spend on hobbies such as blogs, websites, etc.

    Being retired, I do have a lot of time to try working things out myself, asking for help when help is offered and when I’m stumped.

    I appreciate your ideas and try to follow through with your suggestions. I do value your input. I have only about a month’s worth of experience with blogs.

    However, your delivery method to me is smug and condescending, to wit:

    “Or you can continue to start threads like this.”
    “The choice is yours.”

    If you wish to continue helping me by replying to my questions, that’s great. However, if you have to pepper your replies with digs and barbs, it would probably be better if you simply pass.

    “The choice is yours.”

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Is My Blog Being Hacked??’ is closed to new replies.