1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress Blogs Hacked

Discussion in 'Blogging' started by BlackBeret, Sep 29, 2008.

  1. BlackBeret

    BlackBeret Regular Member

    Joined:
    Jul 12, 2008
    Messages:
    257
    Likes Received:
    61
    Location:
    Transexual, Transylvania
    I had a couple of my niche market WP blogs hacked over the weekend. It looks like all they did was remove my themes folder and put some dumbass "hacked by" index page in the folder. I upgraded from 2.5 to 2.6.2 so hopefully that will close it. I can't figure out where they came in.

    They didn't fool with the index page in the root, but it showed up as a blank page when I went to the domain. It tried to call the php header from the theme file, but it wasn't there.

    If I hadn't decided to work on this site today I might not have noticed it.

    How do you guys keep track of all your blogs?

    I've spent about the last 2 hours checking everything and doing a few more WP upgrades. Basically time I could have been using to make money.

    I debating setting up a "My Sites" folder in my FF bookmarks and just "open all in tabs" every morning to check them. Right now I have about 40 sites so I would probably break them down into groups of 10 in each folder.

    Any ideas?
     
  2. Tilt4832

    Tilt4832 Regular Member

    Joined:
    Feb 25, 2008
    Messages:
    237
    Likes Received:
    42
    Location:
    Over the Rainbow
    One of my Mu sites crashed too, nothing would load, db was fine, my psswerd was original. May not be related to your issue.

    I scrambled up my db name, user, and psswerd thinking it might have been a competitor.

    I like the idea of having the sites auto load each morning.
     
  3. theremixer

    theremixer Newbie

    Joined:
    Jul 24, 2008
    Messages:
    5
    Likes Received:
    1
    it's not surprising they have done it to your blog since you have been using a rather old version of WP2.5. WP2.6.2 has been out for quite some time already.

    regularly updating to the latest WP version is the only way we can be one step ahead of hackers.
     
  4. Loak

    Loak Jr. VIP Jr. VIP

    Joined:
    Apr 21, 2008
    Messages:
    314
    Likes Received:
    109
    might not have been wp may have been a common plugin
     
  5. gifmore

    gifmore Regular Member

    Joined:
    Oct 12, 2007
    Messages:
    274
    Likes Received:
    67
    Folks,

    Have you had any experience using this script, which is supposed to add some security to your wordpress blogs?:

    Code:
    [CODE]
    http://wppadlock.com/
    [/CODE]