hacked wp site?
- Started
- Last post
- 7 Responses
- comicsans0
WP is OK if you are aware of it's security issues, configure it appropriately and stay patched. If you're not prepared to do this, then you will get hacked.
The altered DNS records may point to a wider problem, who held them?
- hans_glib0
Oh yes I should add that I found the
@ A
www A
IP addresses were for this MMO, and have just chnaged them to the IP that webhost specify. Is this enough?
- Melanie0
I just had one of my wordpress sites hacked too, and even though I deleted my site and reloaded a clean version, it was still pointing to the hack site... on further investigation I found that they had altered my httpaccess files and rerouted it to their site. Check your server for sometimes invisible files as well. - Your hosting company will do this for you if you ask them really nicely. :)
- meffid0
"I’ve sent you a photo of the team to include in the brochure. Rob, the guy on the right, is wearing a horrible sweater though—can you just rub his sweater out in photoshop? And if he’s not wearing anything underneath, could you paint him a nice shirt?"
- mantrakid0
it honestly sounds like it wasnt wordpress but the domain that was hacked... or maybe it had expired at some point and they set it to point to just some spam bullshit so they could make $ on the ads while it sat there... If wordpress itself was hacked, it wouldnt have much to do with the DNS and shit, just the file system within wordpress and 8/10 you can recover from the hack by either installing the latest version overtop the wordpress files or else just re-installing the current files over the wordpress files. Im talking the stuff that shows up in the root, the wp-includes, and wp-admin area. Usually there are no actual wordpress 'core' files running in the wp-content folder, but thats where your theme and shit is, so if the theme was hacked you will have to either restore from a previous unhacked version, or else manually strip out any offending javascripts etc that have been injected into the theme files.
Once you have a fresh re-install of the core wordpress system, IMMEDIATELY get a plugin called "Firewall 2" if you search for it on the Wordpress.org site you'll see it at the top of the list. Install that shit as it blocks a LOT of attempted Database injection & directory traversal attacks that are the main way a wordpress site could get compromised, aside from being on a shitty shared host that doesnt protect their shit.
Once you have that plugin in, clean wordpress install, clean theme files, changed passwords, changed mysql passwords, changed ftp passwords, you are breathing a lot easier...
Let me know if you need a hand, I would be willing to help for a small fee.
- section_0140
WP is a big target for hackers. Obviously, there was a hole in the site that has probably been patched by a newer version. Just make sure it's up to date and you should be ok.