Welcome to DNF.com™ - Domain Sales, Domain Forum, Domain Appraisals, Domain Registrars

  1. #1
    PeterMan

    WordPress site hacked... please help!

    Update:
    OK, so I just found all of the links in my footer.php file, so I am guessing this means that someone hacked in and accessed the files and also the FTP server?

    So I just got an email from Google mentioning that one of my sites is being removed from the index due to hidden text...

    Sure enough, I check the source and a bunch of crap links have been injected into my site...

    When I log in to the back end of WordPress I can't find the links in the actual page content or in the links section, has anyone had this happen before?

    The code has this before the links:

    <!--linksb-->
    <b style="display:none">

    and this after:

    <!--linkse-->


    Any thoughts?

    I just made sure my WordPress install was up to date and I changed the password on the main account...

    Last edited by elivate; 07-31-2009 at 10:08 AM.

  2. #2

    Can you tell us more, just for our own education.

    I know some of the freebie templates are not always free because of this type of threat.
    But, you are saying they hacked in?
    Or, they already knew there was a backdoor?

  3. #3
    tekz999
    Which FTP program are you using to upload files?
    Is your anti-spyware, anti-malware, anti-virus internet security suite up to date?

  4. #4
    PeterMan
    OK, so I was able to fix this and I am now 99% sure what happened...

    When you create a WordPress site you get an "admin" account and a randomly generated password. You should ALWAYS change the password and it is also a good idea to create a new account altogether, so do not use admin at all... I know this but in this case I did not make this change...

    What the "hackers" do is they use their own password generator script which would likely be the same as what WordPress uses and they then use some program to brute force the site... once they get in they can change whatever they want in the "Edit Themes" section... So no FTP access was actually required to change the file...

    So the lesson learned (which I already knew) is that you should never use the default admin account to manage your WordPress site...

    I am lucky they didn't do much worse...

  5. #5
    thanks for informing us

  6. #6
    imneazmh
    I think that changing the theme would be the ultimate solution in this case. In the future, please use WP themes from authentic sites, whether free or paid. Remember, all free themes are not good.
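
A read-only check for the injected block described in the first post, as an added example that is not part of the original thread: it scans theme `.php` files for the `<!--linksb-->` / `<!--linkse-->` markers and for inline-hidden elements that contain outbound links. The function names, the `example.org` site host and the sample footer are constructed for illustration.

```python
import re
from pathlib import Path

# Comment markers quoted in the first post, and a generic inline-hidden element.
MARKERS = re.compile(r"<!--\s*linksb\s*-->(.*?)(?:<!--\s*linkse\s*-->|\Z)", re.S | re.I)
HIDDEN = re.compile(
    r"<(\w+)\b[^>]*\bstyle\s*=\s*([\"'])[^\"']*?(?:display\s*:\s*none|visibility\s*:\s*hidden)"
    r"[^\"']*\2[^>]*>(.*?)(?:</\1\s*>|\Z)", re.S | re.I)
HREF = re.compile(r"<a\b[^>]*\bhref\s*=\s*[\"']?https?://([^/\"'\s>:]+)", re.I)

def external_links(fragment, own_host):
    """Return hosts linked from fragment that are not the site's own host."""
    hosts = {h.lower() for h in HREF.findall(fragment)}
    return sorted(h for h in hosts if h != own_host and not h.endswith("." + own_host))

def scan_text(text, own_host):
    """Return sorted (line_number, reason, external_hosts) for each suspicious block."""
    findings, covered = [], []
    for m in MARKERS.finditer(text):
        covered.append(m.span())
        line = text.count("\n", 0, m.start()) + 1
        findings.append((line, "linksb/linkse markers", external_links(m.group(1), own_host)))
    for m in HIDDEN.finditer(text):
        if any(s <= m.start() < e for s, e in covered):
            continue  # already reported as part of a marker block
        hosts = external_links(m.group(3), own_host)
        if hosts:  # hidden elements without outbound links are common and benign
            findings.append((text.count("\n", 0, m.start()) + 1, "hidden element with links", hosts))
    return sorted(findings)

def scan_theme(theme_dir, own_host):
    """Scan every .php file under a theme directory, e.g. wp-content/themes/<name>."""
    report = {}
    for path in Path(theme_dir).rglob("*.php"):
        hits = scan_text(path.read_text(errors="replace"), own_host)
        if hits:
            report[str(path)] = hits
    return report

# Constructed sample resembling the footer.php described in the thread.
SAMPLE_FOOTER = """<div id="footer">
<p>&copy; <a href="http://example.org/about">My Blog</a></p>
<!--linksb-->
<b style="display:none"><a href="http://spam-one.example/">x</a> <a href="http://spam-two.example/">y</a></b>
<!--linkse-->
<span style="display:none">loading</span>
<div style="visibility: hidden"><a href="http://spam-three.example/">z</a></div>
</div>"""
```

Running `scan_theme` against a copy of the theme directory lists each affected file with the line where the block starts, which helps confirm that every injected block has been removed after cleanup.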
