I have been hacked
-
I have been hacked!
SA3D HaCk3DÂ and he/she is KURDISH
This is my site: http://www.cbradshaw-photo.co.uk
It seems this happened shortly after i installed a theme, it was called Zhi or somesuch, a nice theme which worked and then the next day i get this.
My hosting place is in the process of resetting my password etc and ive used my ftp to delete the theme etc however im worried…..
I am worried that there are files on my WP that shouldnt be there, is there any way someone can post pics of what should be in the directories etc?
I would love to get my hands on SA3D HaCk3DÂ i will ‘hack’ him… to bits.
-
You appear to not have a WordPress.COM site: http://ismyblogworking.com/www.cbradshaw-photo.co.uk
Your site is not hosted on WordPress.COM, this site is for support of sites hosted on WordPress.COM. You should address your questions to WordPress.ORG the keepers of the software you are using: http://wordpress.org/support/
For more on the difference: http://support.wordpress.com/com-vs-org/
-
For self-hosted blogs, you need to inquire at http://wordpress.ORG/support/ .
Make sure and ask your host to scan your entire account for malware or virus’s. I’ve seen some of these end up infecting virtually every file in the account.
-
THey dont provide debugging software and cannot scan it, though they say its not a virus! its in a script or somesuch?
-
For self-hosted blogs, you need to inquire at http://wordpress.ORG/support/ .I’m afraid since we don’t have these security issues, we really can’t help.
-
I have a hard time believing that a web host doesn’t or can’t scan for threats on their system. That is in the interest of the web host as the scripts can possibly be used to compromise their entire system. I make a good bit of money cleaning up sites that have been hit by hackers and shut down by the host.
There is an ever increasing trend out there of hackers putting malware and such right into themes and plugins and such, and you always need to know your source.
You really need to inquire at .ORG forums though. That is where you will find people that can help you since many have been through it before.
-
-
-
Here is where you register at WordPress.ORG: http://wordpress.org/support/register.php
They are ALL unpaid volunteers that help you over there (as are many of us here) they won’t “fix” your site for you, they will point you in the right direction and give advice. Many of the people there are professional WordPress developers.
Great resource, I have helped there many times.
-
I would think seriously about moving to a new host sometime in the near future. It sounds like this one is in bargain-basement territory – at least when it comes to features and support.
Also, this is a prime reason to do backups and backup often. I always backup before I add a theme or any plugins so that if anything goes wrong all I have to do is restore my backup and everything is back to normal. Again, a good full site backup utility is something a good host should provide. Most hosts that provide cPanel for their accounts have a very good backup utility that even backs up the databases.
Post over at .ORG though. I’m sure they can help.
-
They have a back up utility and can do that, they use linux. Also they have this:
– By default, we have set all servers to use the latest PHP 5.2.9 with php_suexec enabled along with register_globals turned off. This prevents remote code inclusion and various code poisoning.
– We are running Apache in chroot-ed environment with suExec.
– We have compiled a secure Linux kernel with grsecurity. This secures the server against kernel exploits.
– We have sophisticated IDS / IPS systems which block malicious bots and attackers.
– ModSecurity is installed on all of our shared servers.
– Our server are regularly scanned using rkhunter to identify rootkit and Trojans.
– In order to ensure data protection we have RAID configured onAnd no they arnt bargain basement for anything
- The topic ‘I have been hacked’ is closed to new replies.
WordPress.com Forums 