Security issue?

  • Hello all,

    I’m running WordPress 2.8.1, and today found a blog I look after (uk.tug.org) had been compromised. It’s back working now, but I wonder where the issue is. I’ve narrowed the issue down to a PHP Trojan (PHP/C99Shell-A) been added to the site, and in my logs I have a lot of access requests from one IP address, which is also the only one trying to access the Trojan file. So the question is, broadly, what do I do? I can let someone who knows about these things have a look at the log, if it is helpful. I’m obviously unsure if this is a WordPress issue, a hosting issue or something I might have done!

    Thanks in advance for any ideas,

    Joseph Wright

Viewing 1 replies (of 1 total)

  • Sounds like your web server or web hosting account may be compromised. Whether it is originally from WordPress is hard to say. I’d ask the web host to look into it and definitely change all passwords to make it really strong and also – use SFTP.

Viewing 1 replies (of 1 total)
  • The topic ‘Security issue?’ is closed to new replies.