Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 27

Thread: Wordpress insecurities

  1. #11
    Join Date
    Dec 2008
    Location
    Redmond, Oregon
    Posts
    828
    If this happened server wide I would wait tell you get confirmation from the host that whatever caused the issue has been resolved. Out of date server software, someone on the server uploaded a warez script or simply the server was hacked via the password. Would make sure to find out if the host has scanned the server for any trojan files or other security threat that they may have uploaded to the server to collect personal information like passwords and membership information.

    If the above hasnt been done by the host it would do no good to try and resolve your sites on a server that still has insecurities. If had only been one of you that would be one thing but this was server wide.

    Reverse IP Check ಠ_ಠ Proxy Sites
    <?php if ($youask == 'stupid question') { echo ('stupid answer'); } ?>

  2. #12
    Yep, agree, you should make sure your server's been hardened.

  3. #13
    Quote Originally Posted by firetown View Post
    The person took every site in the same hosting account down, wondering now if in fact it was wordpress that they got in with.
    Mike, it was not just the wordpress sites, but also the joomla site in the same account.

  4. #14
    Quote Originally Posted by Mr.Bill View Post
    If this happened server wide I would wait tell you get confirmation from the host that whatever caused the issue has been resolved. Out of date server software, someone on the server uploaded a warez script or simply the server was hacked via the password. Would make sure to find out if the host has scanned the server for any trojan files or other security threat that they may have uploaded to the server to collect personal information like passwords and membership information.

    If the above hasnt been done by the host it would do no good to try and resolve your sites on a server that still has insecurities. If had only been one of you that would be one thing but this was server wide.
    Well I guess we'll just have to wait until the host replies our email...

  5. #15
    Were the passwords for all the sites the same?
    If not, I believe they got "root" access somehow.

    Is that your own server or a shared host?

  6. Quote Originally Posted by Shenron View Post
    Do you still have the databases intact?
    If you do I suggest you take them out and restart every single blog from a brand new 2.7 install on top of those.
    Shenron is exactly right.

    I logged into her cPanel to take a look and the e-jihadi's had installed their code in at least nine different places in WordPress -- overwriting the original files.

    Most of these infections didn't actually work properly, but replacing wp-content/themes/default/index.php did work for them.

    I am worried though. I replaced that index.php with a known good copy and the sites appear empty. All I see now is this:
    Code:
    Hello world!
    December 29th, 2008 
    
    Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!
    That's not comforting...
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  7. #17
    Quote Originally Posted by Will.Spencer View Post
    I am worried though. I replaced that index.php with a known good copy and the sites appear empty. All I see now is this:
    Code:
    Hello world!
    December 29th, 2008 
    
    Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!
    That's not comforting...
    You need to replace the database now.

  8. I am hoping that a copy of the databases exists somewhere...
    Submit Your Webmaster Related Sites to the NB Directory
    I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.

  9. #19
    There is Will, at least I've been told so.
    Guys and Gals, I can't be much of a help for the next couple of days, as I'll be fully online only after the 5th, still you can always drop me a pm if I'm of any use; I know wordpress rather well I believe.

  10. #20
    Thank you so much for all our help!

    We recovered the sites. Upgraded all of them to WP 2.7 and overwrote the themes as well. We're now working on the content!

    Netbuilders community rocks!

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. [Wordpress] - WordPress 3.0 Release Candidate
    By StephenM in forum Community Software
    Replies: 0
    Last Post: 28 May, 2010, 02:35 AM
  2. Replies: 5
    Last Post: 14 January, 2010, 04:58 AM
  3. [WTS] Hoover Wordpress Blog (Unquie Wordpress Theme)
    By Marcell Purham in forum Themes
    Replies: 0
    Last Post: 15 December, 2009, 21:36 PM
  4. Replies: 29
    Last Post: 18 September, 2009, 11:24 AM
  5. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •