776pnl,KingGame login.REGISTER NOW GET FREE 888 PESOS REWARDS!

dsgnr
(@designsbytouch)

12 years ago

Hi everyone.

Are there any known security issues with the new version of WordPress? I have never been hacked before and I have just been done. This the second time in the same week and I don’t know whether its coincidental that it’s only a few days after I’ve upgraded to 3.5.1 or whether there are some vulnerabilities in it.

Both hacks have occurred in different places. The first one (on Tuesday) was just a case of over-writing the core index.php page with a not nice one, on all WordPress sites associated with my hosting account and a static HTML only website.

This second one, which happened an hour ago was a different. Replaced the index.php file in the main Themes folder in WP-content and the index.php file within WP-content. This one left comments leading to a hacking tool called GRITTY. looks like some sort of script to get certain information.

I’d gone through all the codex tools etc about my WordPress site being hacked but somehow they are getting in and I didn’t plan on spending my Saturday afternoon repairing websites! If anyone can give any help or advise that would be great.

Thanks in advance

Viewing 3 replies - 1 through 3 (of 3 total)

Luis Abarca
(@luisabarca)

12 years ago

Reinstall from a clean copy of WordPress, maybe they uploaded a script to your wp-content and can get acces later.

Add a .htacces to your wp-content folder with this content

php_flag engine off

That way if they upload a script with .jpg.php they can not run the shell anymore.

kmessinger
(@kmessinger)

12 years ago

Sorry you were hacked. In addition to the above, you need to notify your host and start working thru this.

https://codex.www.ads-software.com/FAQ_My_site_was_hacked
https://www.ads-software.com/support/topic/268083#post-1065779
https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
https://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:

https://sitecheck.sucuri.net/scanner/
https://www.unmaskparasites.com/
https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
https://codex.www.ads-software.com/Hardening_WordPress
https://www.studiopress.com/tips/wordpress-site-security.htm

The Hack Repair Guy
(@tvcnet)

12 years ago

More often than not, the hacker will leave behind a collection of back door scripts.

So no matter of installations or upgrades will prevent them from re-hacking your site.

So generally you have the choice of noting what is installed then reinstalling all again from scratch (deleting contents of your website first), which can be problematic to say the least; or having someone go through every file to fish out the back doors and clean up your code.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WordPress sites hacked twice in a week, days after upgrading WordPress’ is closed to new replies.

WordPress sites hacked twice in a week, days after upgrading WordPress

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics