Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Blog defaced

Hybrid View

  1. Blog defaced

    One of my sites was defaced lately after I reinstalled wordpress. I decided to uninstall wordpress again, but the site still shows the defaced index page. Any ideas on what's the reason behind it?

    I had to remove everything in order to remove the defaced index page.

  2. #2
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Make sure that you change the passwords and upgrade to the latest version of wordpress.

  3. install the AntiVirus plugin
    AntiVirus for WordPress is a smart, effectively solution to protect your blog against exploits and spam injections.


  4. #4
    Quote Originally Posted by whatthehell View Post
    install the AntiVirus plugin
    AntiVirus for WordPress is a smart, effectively solution to protect your blog against exploits and spam injections.
    I though WP was safe, but after reading this i think im gonna check that plugin out :P

  5. This reminds of the thing I did when I was younger xD
    But maybe the index file is still there,I once had this on a clients site,there wasnt a htm or php or any other index in the public_html/www folder,and I replaced the index.html but the site was still defaced,the host solved it somehow,so contacting them might be a option.

  6. #6
    Join Date
    Dec 2008
    Location
    Redmond, Oregon
    Posts
    828

    Reverse IP Check ಠ_ಠ Proxy Sites
    <?php if ($youask == 'stupid question') { echo ('stupid answer'); } ?>

  7. I think it's time to install the antivirus plugin for wordpress. The biggest mistake I did was to not upgrade Wordpress after reinstalling it.

  8. #8
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Quote Originally Posted by dodolls View Post
    I think it's time to install the antivirus plugin for wordpress. The biggest mistake I did was to not upgrade Wordpress after reinstalling it.
    I'm guessing that they are using a password exploit. Upgrade the WP install and change the password for the user password for the sql db as well.

    I've had a lot of problems with wp blogs running version earlier than 2.7. Even on 2.7 a hacker got it and was able to make a post. But didn't deface the blog.

  9. Quote Originally Posted by bogart View Post
    I'm guessing that they are using a password exploit. Upgrade the WP install and change the password for the user password for the sql db as well.

    I've had a lot of problems with wp blogs running version earlier than 2.7. Even on 2.7 a hacker got it and was able to make a post. But didn't deface the blog.

    With regards to password exploit, could it be possible that they were able to exploit the password for hosting account or just wordpress?

  10. #10
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Quote Originally Posted by dodolls View Post
    With regards to password exploit, could it be possible that they were able to exploit the password for hosting account or just wordpress?
    All versions of wordpress up to and including 2.8.3 have an "admin password reset exploit" security flaw.

    You should also use a strong password for the hosting account and Wordpress ir you are vulnerable to a brute force attack.

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 22 May, 2010, 21:37 PM
  2. [WTS] Blog Post and Blog Roll in PR 3+ Blog
    By linkseller in forum Links
    Replies: 0
    Last Post: 29 March, 2010, 12:36 PM
  3. Replies: 0
    Last Post: 15 January, 2010, 16:11 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •