Jump to content


Photo

My Wordpress Was Hacked :(


  • Please log in to reply
9 replies to this topic

#1 freakybig

freakybig
  • Members
  • 4 posts

Posted 09 February 2007 - 08:38 AM

I was hoping someone could tell me how my Wordpress site was hacked. Was my password not complicated enough?

The frontpage of my site now says "Hacked by Theghost [Ayyildiz Tim]"

I installed the latest Wordpress back in December using the automated feature from fantastico so I'm assuming I was running the latest w/ patches.

Of course I didn't have it backed up either. Lesson learned :)

#2 nortk

nortk

    Immediate Family

  • Members
  • PipPipPipPip
  • 511 posts

Posted 09 February 2007 - 08:47 AM

The "latest" will always be the version available directly via wordpress.org

Even if what you install is the latest at the time, new releases patch security holes fairly regularly. The most recent version of wordpress was released in 2007. Sorry about the problems you had...no guarantee that the latest wordpress version will prevent it, but it's always important to keep up-to-date with patches.
Time flies like the wind.
Fruitflies like bananas.

#3 TCH-Bruce

TCH-Bruce

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 19,960 posts

Posted 09 February 2007 - 08:49 AM

Welcome to the forums freakybig :)

What version is the Wordpress you have installed? The current version is 2.1 which was released a little over 2 weeks ago. 2.0.7 was released about 3 weeks ago to fix security issues.

Installing from Fantastico will not keep you current unless Fantastico picks up the upgrades and offers them for you to install. I would say you are probably at least two versions behind if you installed in December.

Please open a ticket with the help desk and see if they have a backup that can be restored but you will have to get your version updated immediately for it not to happen again.

Bruce Richards
Forum Moderator
TotalChoice Hosting, Inc.
Webhosting by Total Choice Web Hosting - General Support Forum

I am a Forum Moderator. While I can assist in answering most of your hosting related questions, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.


#4 TCH-Don

TCH-Don

    Immediate Family

  • Members
  • PipPipPipPip
  • 11,642 posts

Posted 09 February 2007 - 03:04 PM

Welcome to the forums freakybig :)

#5 TCH-Andy

TCH-Andy

    Immediate Family

  • Members
  • PipPipPipPip
  • 4,699 posts

Posted 09 February 2007 - 03:15 PM

welcome to the forums freakybig :)

Open a ticket at the help desk (link at the top of the page) and see if we have a backup from before the hack.
Andy Beckett
-----------------
Part of the TCH family since the beginnings of time.

#6 freakybig

freakybig
  • Members
  • 4 posts

Posted 09 February 2007 - 03:22 PM

Thanks a ton for the replies. I was afraid since I hadn't backed up my site myself I was just screwed. I just submitted a ticket so hopefully they can restore my site for me.

I just realized that we actually have a backup feature on Cpanel. Too cool! I'll definately backup my site AFTER I've applied all the latest Wordpress patches.

Thanks again! :)

#7 FiReaNG3L

FiReaNG3L
  • Members
  • 1 posts

Posted 09 February 2007 - 06:06 PM

It's not specific to Wordpress, I got the exact same thing with my Movable Type site (3.2). They just changed the .hmtl, didn't touch the database. There must be a common (non-CMS related) vulnerability.

I just rebuilt the whole site from the database, but i'd like to find the problem to prevent it in the future.

#8 TCH-Bruce

TCH-Bruce

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 19,960 posts

Posted 09 February 2007 - 07:05 PM

Welcome to the forums FiReaNG3L :)

If your pages were replaced the first thing I would do is change your cPanel password. Second open a ticket with the help desk and ask if they could check the logs if you can determine about what time the files were replaced.

Bruce Richards
Forum Moderator
TotalChoice Hosting, Inc.
Webhosting by Total Choice Web Hosting - General Support Forum

I am a Forum Moderator. While I can assist in answering most of your hosting related questions, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.


#9 TCH-Thomas

TCH-Thomas

    Volunteer Moderator

  • Members
  • PipPipPipPip
  • 14,908 posts

Posted 10 February 2007 - 06:38 AM

Welcome to the forum, FiReaNG3L. :)

Thomas Jikrantz
Forum Moderator
TotalChoice Hosting, Inc.

Any links or suggestions for third party software/sites should be used at your own risk. My opinions and recommendations are not necessary those of TCH and TCH is not responsible.

As a Forum Moderator I can assist in answering many of your hosting related questions. However, I am unable to answer questions about specifics relating to your account such as billing and server related issues. Should you need assistance in these areas, please contact our Help Desk or our many other options. Another good place to find answers is with our help pages, tutorials and movie tutorials.
Web Hosting by Total Choice Web Hosting - 24/7 Help Desk


#10 TCH-Don

TCH-Don

    Immediate Family

  • Members
  • PipPipPipPip
  • 11,642 posts

Posted 10 February 2007 - 10:52 AM

Welcome to the forum, FiReaNG3L :clapping:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users