Possible site hack – MySQL problem

  • Hey all, I’m not good with this stuff. My DB usage has been ridiculous lately, and my friend told me I’m getting hacked. Checking apache logs gave me this the first time it happened:

    [27/Feb/2008:12:19:11 -0800] “GET /comments/feed/ HTTP/1.1” 500 391 “-” “FeedBurner/1.0 (https://www.FeedBurner.com)” “-”

    For whatever reason this specific request ran for 5 minutes and 40 seconds. While running, it issued the following mysql query:

    SELECT option_value FROM wp_options WHERE option_name = ‘siteurl’.

    This query was issued repeatedly and rapidly for the duration of the 5 minutes and 40 seconds.

    Next, which was just about an hour ago:

    Mar 12 13:21:20 10.2.0.57 query_logger.pl[3241]: INFO: 1371783 “db22***” “***database-name***” IDX_YES 1 SELECT bb4b264131236a7f922e526e281b7db5 — SELECT option_value FROM wp_options WHERE option_name = ‘siteurl’

    The loop was occurring 500 times per second for at least 5 minutes. The asterisks are the database name.

    I’m using WP 2.0.2 and can’t upgrade yet or my theme will break. I’m getting a redesign so I can upgrade but I’m still waiting for it.

    My host is getting really upset about this, as am I. Please help!

Viewing 8 replies - 1 through 8 (of 8 total)

  • That’s nonsense. Upgrade to 2.0.11 – if you think the other branch would break your theme.
    https://www.ads-software.com/download/legacy/

    Thread Starter csburdick

    (@csburdick)

    What’s nonsense?

    I know that upgrading past 2.0.2 will break my theme, I’ve tried it before it’s so bad it’s not fixable.

    I also don’t quite understand how going with an older version is upgrading.

    Thanks.

    There are only two versions that are supported and secure/safe, the most current (2.3.3) and the legacy (2.0.11) which Moshu pointed out.

    And come on, man. Whoever told you your theme would break if you upgrade is full of prunes. And how do you *know* it will break your theme? And a “broken” theme is a lot easier to fix than a hacked and compromised site.

    But you do what you want. (BTW, I design web sites for a living, and specialize in WP sites, and I’m telling you, your theme can be made to work with whatever version of WP you are using, it’s not rocket science. Now PLUGINS, that’s a whole other story.)

    And it sounds like your problems lie with feedburner rather than WP or any of its faults or foibles. Still, unless you really do want to be hacked, but good, upgrade. ??

    Quite OT: One more thing, and then I’ll shut up. The Z .. love ’em. Only thing I ever drove up until 2003, when I got my Honda Accord (and that was only b/c my husband became paralyzed and the Z31 that we had was just impractical). In fact, the Z31 (1984-89 models) was the ONLY cars I’ve ever driven since I was about 22. I’m a die-hard Zed fan. And I nearly cried when I saw what they’ve done to the 350 on your blog.

    and there is nothing from the change from 2.0.2 -> 2.0.11 that makes enough modifications to change a theme, any theme.

    I’ve tried it before

    Thread Starter csburdick

    (@csburdick)

    Someone didn’t tell me the theme would break – I upgraded (back when it was 2.1 i think) and it did break. I don’t know enough PHP to fix it. I tried again for 2.3 and as expected, it broke again. Stuff was all over the place, blogroll wouldn’t work, regular posts were considered asides, etc. I’m sure it’s fixable but I’d rather get a new theme anyway.

    I think I’ll contact Feedburner and try changing to 2.0.11 for now, hopefully that fixes things for the moment.

    jonimueller: I’m a huge Z-fan myself. I personally own a 91 300ZX and adore it. In fact I like the Zs so much I want to eventually collect an example of each model back to the gorgeous 240Z. I hope they don’t keep this direction with current Zs though, or the love will most certainly dwindle.

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    Upgrading from 2.0 to 2.1 and beyond will break things, yes. However, fixing the theme and downloading new plugins and such is usually not difficult.

    But 2.0x to 2.0.11 is perfectly safe.

    Thread Starter csburdick

    (@csburdick)

    Good to hear Otto, I’ll backup, go to 2.0.11 and if sh*t blows up I’ll be back ??

    Thread Starter csburdick

    (@csburdick)

    Thank you everybody, it seems changing over to 2.0.11 worked fine and didn’t break anything that I noticed yet. Whether or not that fixed my original issue I’m not sure yet, I’ll have to monitor my apache logs.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Possible site hack – MySQL problem’ is closed to new replies.