freakybig Posted February 9, 2007
I was hoping someone could tell me how my Wordpress site was hacked. Was my password not complicated enough? The frontpage of my site now says "Hacked by Theghost [Ayyildiz Tim]". I installed the latest Wordpress back in December using the automated feature from Fantastico so I'm assuming I was running the latest w/ patches. Of course I didn't have it backed up either. Lesson learned.

nortk Posted February 9, 2007
The "latest" will always be the version available directly via wordpress.org. Even if what you install is the latest at the time, new releases patch security holes fairly regularly. The most recent version of Wordpress was released in 2007. Sorry about the problems you had...no guarantee that the latest Wordpress version will prevent it, but it's always important to keep up-to-date with patches.

TCH-Bruce Posted February 9, 2007
Welcome to the forums, freakybig.
What version is the Wordpress you have installed? The current version is 2.1, which was released a little over 2 weeks ago. 2.0.7 was released about 3 weeks ago to fix security issues. Installing from Fantastico will not keep you current unless Fantastico picks up the upgrades and offers them for you to install. I would say you are probably at least two versions behind if you installed in December.
Please open a ticket with the help desk and see if they have a backup that can be restored, but you will have to get your version updated immediately for it not to happen again.

TCH-Andy Posted February 9, 2007
Welcome to the forums, freakybig.
Open a ticket at the help desk (link at the top of the page) and see if we have a backup from before the hack.

freakybig (Author) Posted February 9, 2007
Thanks a ton for the replies. I was afraid since I hadn't backed up my site myself I was just screwed. I just submitted a ticket so hopefully they can restore my site for me. I just realized that we actually have a backup feature on cPanel. Too cool! I'll definitely back up my site AFTER I've applied all the latest Wordpress patches. Thanks again!

FiReaNG3L Posted February 9, 2007
It's not specific to Wordpress, I got the exact same thing with my Movable Type site (3.2). They just changed the .html, didn't touch the database. There must be a common (non-CMS related) vulnerability. I just rebuilt the whole site from the database, but I'd like to find the problem to prevent it in the future.

TCH-Bruce Posted February 10, 2007
Welcome to the forums, FiReaNG3L.
If your pages were replaced, the first thing I would do is change your cPanel password. Second, open a ticket with the help desk and ask if they could check the logs, if you can determine about what time the files were replaced.

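An added example, not part of the thread or any poster's code: one way to work out roughly when pages were replaced, so the help desk has a time range to search in the logs. It scans a web root for page files containing the defacement text quoted above and reports their modification times; the function names, the five-minute slack and the sample files are assumptions made for illustration.

```python
import os
import tempfile
from datetime import datetime, timedelta, timezone

MARKER = b"hacked by"  # lower-cased text from the defacement quoted in the thread
PAGE_EXTS = (".html", ".htm", ".php")

def find_defaced(root, marker=MARKER):
    """Return sorted [(mtime_utc, path)] for page files whose content contains marker."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(PAGE_EXTS):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(1 << 20).lower()  # first 1 MiB of the page
                mtime = os.stat(path).st_mtime
            except OSError:
                continue  # unreadable file: skip it, do not abort the scan
            if marker in head:
                hits.append((datetime.fromtimestamp(mtime, timezone.utc), path))
    return sorted(hits)

def log_window(hits, slack=timedelta(minutes=5)):
    """Time range (hypothetical helper) to have searched in the server logs, or None."""
    if not hits:
        return None
    return hits[0][0] - slack, hits[-1][0] + slack

def demo():
    """Build a constructed web root (sample data, not from the thread) and scan it."""
    root = tempfile.mkdtemp()
    pages = {
        "index.html": (b"<h1>Hacked by SAMPLE</h1>", 1170979200),
        "about.html": (b"<h1>About</h1>", 1165000000),
        "blog/index.php": (b"<?php /* HACKED BY sample */ ?>", 1170979260),
    }
    for rel, (body, ts) in pages.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)
        os.utime(path, (ts, ts))  # set a known modification time
    hits = find_defaced(root)
    return root, hits, log_window(hits)

if __name__ == "__main__":
    print(*demo()[1:], sep="\n")
```

Modification times can be reset by whoever wrote the files, so the window is a starting point to confirm against the server's own logs rather than proof of when the change happened.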