Status
Not open for further replies.

gfxguru

Active Member
One of my wordpress sites got hacked last month, but I had a backup so I restored it at that time.

Today, just 30 mins ago, I got an email from my wordpress site.

subject: [xxxxxxxxxx] Password Lost/Changed
email content: Password Lost and Changed for user: boumkhalled

I immediately visited my site and found this running.

http://i42.tinypic.com/1zlu0ro.jpg

I then suspended the domain from my control panel.

Now a few questions for the hacking experts: how do I secure my WP site?

Really looking forward to advanced-level tips.
 
8 comments
1. You should use .htaccess to password-protect the wp-admin directory (don't use a plugin)
2. Simple tip for any password: use a generator
3. Change the URL of wp-admin using a plugin, or manually if you are comfortable
4. Change the admin name to something else
5. Modify your theme to remove ALL information about the version of wordpress
6. Change the post table prefix to something other than wp_
7. Use the Login Lockdown plugin

Tips that I remember; if you need anything specific, feel free.

Also, if you wanna retrieve it:
go to phpMyAdmin from your cPanel, delete the user from wp_options, and add a new user. In the password field, use an MD5 hash from the net to encrypt your password. I can help with this as well, though I don't recommend you trust anyone for this purpose.
 
Thanks a lot for the tips.

But how do I password-protect the wp-admin directory with .htaccess -- any tutorial?
Change the URL of wp-admin using a plugin -- can you link me the plugin please?
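The .htaccess protection from tip 1, as an added example and not something posted in this thread: this is a sample `wp-admin/.htaccess` for Apache 2.4 (Apache 2.2 uses `Order`/`Allow` instead of `Require`). The path `/home/example/.htpasswd` and the user name `siteowner` are placeholders; the exception for `admin-ajax.php` is included because front-end plugins call that file for visitors who do not have the password.

```apache
# wp-admin/.htaccess  (added example; paths and user are placeholders)
#
# Create the password file OUTSIDE the web root first, e.g. over SSH:
#   htpasswd -c /home/example/.htpasswd siteowner
# Use a generated password (tip 2) and never put .htpasswd under public_html.

AuthType Basic
AuthName "Restricted area"
AuthUserFile /home/example/.htpasswd
Require valid-user

# admin-ajax.php is requested by themes/plugins on the public site,
# so it must stay reachable without the second password prompt.
<Files admin-ajax.php>
    Require all granted
</Files>

# Stop anyone reading the password file itself if it ever ends up in the web root.
<Files .htpasswd>
    Require all denied
</Files>
```

After uploading it, load `/wp-admin/` in a private browser window: a browser login box must appear before the WordPress login form, and the site's front end must still work (if it breaks, a plugin is calling something in wp-admin other than admin-ajax.php).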
 
Do you have FTP access? Paste the content of your .htaccess file (ofc, remove vital site info and change the site URL to domain.com).

Download the version of your wordpress site and see if new files are present in your site root via FTP, file manager etc. and report.
 
What version of wordpress were you using?
Is it 3.2.1?

I don't remember what version that was. :(


OK, I checked the site files; there is no .htaccess file in the root.

I guess I have to install it again properly.
 

Most of the time wordpress gets hacked because an old plugin is not secure. What plugins do you have installed? If you have some installed, check out an exploit site like exploit-db and see if there is an exploit for the plugins you're using.
 
Hi,
It may be because of old thumb or timthumb.php.
Read this:
http://www.awebmasterforum.com/wordpress-htaccess-hacked-redirects-to-russian-site/

Hope it helps.

Check all plugins and, until the issue is resolved, disable all your plugins.
Check your themes and upload folders for malicious files.

Ask your host to install a good firewall, Suhosin for PHP and mod_security for Apache.
Ask them to use the latest ASL/gotroot rules for mod_security.

Also, ask them to install a good antivirus, rootkit scanner and Intrusion Prevention/Detection System (IDS/IPS).
 