1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My wordpress blog defaced by Palestinian hacker

Discussion in 'Blogging' started by Mstrpln, Dec 27, 2009.

  1. Mstrpln

    Mstrpln Newbie

    Joined:
    Oct 24, 2009
    Messages:
    29
    Likes Received:
    3
    Location:
    .NL
    Hey! Merry Christmas over there.

    One of my blog was defaced on Christmas eve by palesinian hacker who calls himself the storm or some shit like that...

    It seems he found some exploit wp admin. nothing big biut he got in somehow through the recover password function. he changed the admin password and email, and only my index.php templayte file was modified and needless to say this has cost me some serious $$$ money :eek:

    I took the following action:
    dropped writing permissions on template folder
    on paranoid mode I created a ip restriction foir wp-login.php
    if ($_SERVER[REMOTE_ADDR] != 'my.real.ip.address'){exit;}

    more information on this exploit here
    wordpress.org/support/topic/237003

    have a merry christmas with your family and friends!!