Probing for possible hacks in plugins detected.

• 

  wearenotalonese · Member · Jun 7, 2017 at 8:50 am

  • Copy link
  • Add topic to favorites

  Hi!

  I think I had an (unsuccessful) hack attempt this morning.

  an IP tried to direct access a few php files:

  blog.wearenotalone.se/wp-content/plugins/revslider/temp/update_extract/revslider/cache.php

  blog.wearenotalone.se/wp-content/plugins/wp-mobile-detector/cache/cache.php

  blog.wearenotalone.se/wp-content/plugins/wp-mobile-detector/resize.php?src=http://www.laptopscreenrepair.net.au/search/cache.php

  Now I don’t have these plugins, and I’m not sure if this was an attempt it might just be random probing, but random probing is usually a bad thing..
  I just wanted to put out the word, so if somebody uses these plugins can check them out.

  The blog I need help with is: (visible only to logged in users)

• 

  supernovia · Staff · Jun 8, 2017 at 12:05 am

  • Copy link

  Thank you @wearenotalonese – it does sound like they were checking to see if your installation was vulnerable, but I’ll pass this along, too, just in case.

• 

  supernovia · Staff · Jun 8, 2017 at 12:32 am

  • Copy link

  I heard back; it looks like you’ll want to do some general hardening on your installation – make backups, update everything, ensure your plugins and themes are safe, etc.

  Also, these forums are generally for WordPress.com support, but you can find .org support here: https://wordpress.org/support

  Cheers!