1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My friend wordpress site GOT HACKED, WHAT TO DO?

Discussion in 'Blogging' started by Donkey Kong, Jan 30, 2012.

Tags:
  1. Donkey Kong

    Donkey Kong Regular Member

    Joined:
    Jan 10, 2012
    Messages:
    236
    Likes Received:
    66
    Gender:
    Male
    Occupation:
    Facebook Account Specialist
    Location:
    Hawaii, Honolulu
    hey guys, anyone friendly with this please have a look at this:

    Code:
    joannakinsman.com/odesk
    Although she can get back admin control but after awhile that nasty hacker re-occur keep repeat the joke. I do some google search but haven't got much result. The thing is we don't know where the loophole is or where did the hacker inject his script open site backdoor to get back after works.

    I need a lot of you guys help then, thanks for caring!
     
  2. robibrk

    robibrk Regular Member

    Joined:
    Aug 23, 2009
    Messages:
    321
    Likes Received:
    121
    EDIT: delete please.
     
  3. rulez05

    rulez05 Power Member

    Joined:
    Feb 3, 2011
    Messages:
    745
    Likes Received:
    142
    do you have back-up ??? just delete your site and upload it or find the injected code to your site.
     
    • Thanks Thanks x 1
  4. Donkey Kong

    Donkey Kong Regular Member

    Joined:
    Jan 10, 2012
    Messages:
    236
    Likes Received:
    66
    Gender:
    Male
    Occupation:
    Facebook Account Specialist
    Location:
    Hawaii, Honolulu
    I know how it is right, delete the whole and install from fresh. The thing irritating me is couldn't find out where's that loophole.
     
  5. mysterysolver

    mysterysolver Regular Member

    Joined:
    Dec 22, 2011
    Messages:
    418
    Likes Received:
    122
    Occupation:
    e-commerce,ios app developer
    First you should check plugins for loophole

    Sent from my iPhone using Tapatalk
     
    • Thanks Thanks x 1
  6. everythingred

    everythingred Jr. VIP Jr. VIP Premium Member

    Joined:
    Jul 21, 2010
    Messages:
    1,871
    Likes Received:
    1,234
    what i did is go to google and type:

    Copied down all my articles so at least I had that.
     
  7. rulez05

    rulez05 Power Member

    Joined:
    Feb 3, 2011
    Messages:
    745
    Likes Received:
    142
    so if you do deleted the site and change password check the plug ins and themes there are injected codes there you can download tac to scan wordpress theme
     
    • Thanks Thanks x 1
  8. -Jericho-

    -Jericho- Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    Jan 10, 2010
    Messages:
    2,849
    Likes Received:
    1,704
    Location:
    Stalking My Ex-Wife
    This is how two of my sites got hacked. Turn off all your plugins and see if the problem goes away.
     
    • Thanks Thanks x 1
  9. gundamwing

    gundamwing Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 18, 2008
    Messages:
    1,274
    Likes Received:
    913
    reinstall the site
    because they planted backdoor

    i have a tips

    write htaccess to your wp-login + wp admin double login
    even they know your login info they cant do anything
     
    • Thanks Thanks x 2
  10. __dark__

    __dark__ Registered Member

    Joined:
    Feb 15, 2010
    Messages:
    62
    Likes Received:
    24
    I've seen a lot of I got hacked threads lately, if I write a tutorial on how to prevent getting hacked and what to do when you are hacked focused on worpress since its the main target would anybody be interested in it?
     
    • Thanks Thanks x 2
  11. ehustle_online

    ehustle_online Newbie

    Joined:
    Jan 30, 2012
    Messages:
    2
    Likes Received:
    0
    Occupation:
    Webmaster/ Blogger
    Location:
    Fredericksburg, VA
    Home Page:
    What are some things that I could do to prevent being hacked?
     
  12. OldSalt

    OldSalt Moderator Staff Member Moderator Jr. VIP Premium Member

    Joined:
    May 19, 2009
    Messages:
    1,279
    Likes Received:
    7,437
    Gender:
    Male
    Occupation:
    IT Sys Admin
    Location:
    US, East Coast
    I for one would be... I'm not an alarmist or overly worried, but at the same time, I'm not going to say that WP is bullet-proof.

    BTW - maybe we should start having people list what plugins they had installed when they were hacked to see if we can see trends?
     
  13. gundamwing

    gundamwing Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 18, 2008
    Messages:
    1,274
    Likes Received:
    913
    most of hacker wp these day which is they claim to be a hacker (copy paste sql inject )
    they using scrape vulnerability many wordpress site to search timthumb.php

    first step so to get secure

    read this
    Code:
    http://www.mattcutts.com/blog/three-tips-to-protect-your-wordpress-installation/
    2. pray and hope not to get hacked :confused:
     
    Last edited: Jan 30, 2012
  14. moose123

    moose123 Regular Member

    Joined:
    Aug 5, 2011
    Messages:
    354
    Likes Received:
    86
    Occupation:
    selling/wholesale/dropship
    you dont have to delete the site or anything, is it wordpress it very simple fix