How to Keep Wordpress from Getting Hacked?

twoj04

twoj04

Power Member
Joined
Apr 23, 2009
Messages
631
Reaction score
373
Hey everyone, Fatal error: Cannot redeclare pbr9() (previously declared in /home/xxxxx/public_html/index.php(1) : eval()'d code:1) in /home/xxxxxx/public_html/wp-config.php(1) : eval()'d code on line 1.


Just got this on a bunch of my sites on the same block. Probably someone who got mad or something.

Anyhow, has anyone gotten this before? I checked my wp-config and sure enough there was a bunch of code at the top. Pretty sure I was hacked, but was posting to see if anyone knew if it was just an error.

Also, how do I prevent this from happening in the future?

Thanks :)
 
Advertise on BHW
hmmm, this is the second post with the same wordpress error?

can you login in under wp-admin?

I'm no security ninja, but at the very least you should be using htacess and robots.txt to keep google from indexing info about your blog, like what plugins you're using, what theme, what version, etc... all those can be compromised.
 
Hey, sorry didn't find anybody else with the same error. No I couldn't login. Reinstalling WP now.

Will look into the robots.txt and such, never worried about security stuff because had not gotten hacked before.
 
Another good idea is a WP database backup plugin. It will email you your database and WP settings on a set schedule so you can reinstall to the last known working version.

Maybe some other BHW WP users can share their security tips and tweaks.
 
Hey everyone, thanks and yea if anyone can share their advice on how to prevent this from happening in the future will be extremely appreciated with +thanks and such :)

I am going through and finding that it was pretty simple to hack me.
 
Are you using secure FTP??? One of my WP domains was getting injected with iframes until i took the time to set it up. From what I can gather File-zilla is notorious for leaking info.
 
Ok updates,

1. Re-installed WP on all domains.
2. Added extra PW security to all WP related files
3. Added robots.txt and beefed up the .htaccess
4. Added 2 security plugins
5. Changed all passwords
6. About to start using SSH or Secure FTP over FileZilla
7. Have WP-DB Backup email me twice a day with backups in case this happens again.

Anything else I can do?

Cheers :)
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top