![]() |
| ||||||||
|
|
#1 |
|
Internet Marketing Addict
Join Date: Aug 2006
Location: Antwerp, Belgium.
Posts: 314
Thanks: 1
Thanked 0 Times in 0 Posts
|
I just discovered my website at newjvgiveaways.com was hacked...
![]() I don't have any experience with this kind of stuff. What do I do? |
|
|
|
|
|
|
|
|
#2 |
|
Internet Marketing Addict
Join Date: Aug 2006
Location: Antwerp, Belgium.
Posts: 314
Thanks: 1
Thanked 0 Times in 0 Posts
|
As far as I can see, the hacker only uploaded an index.htm-file. I deleted it and everythng seems to be back to normal.
How do I prevent this in the future? |
|
|
|
|
|
|
|
|
#3 |
|
Warrior Member
Join Date: Nov 2008
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
|
The first step I would take is figuring out how they got access in the first place. Are you running any open-source web apps (ie: Wordpress)? If so, make sure you have the latest versions/builds installed as there may be an exploit that allows such uploading.
I'd also change the password to my hosting account/FTP server login/password. I always recommend generating long, random passwords and usernames - something like 776C9E6362DC2E6 and 64A33620AF4AF03. If you're using Roboform there's actually a "Generate" button on the toolbar that'll allow you to do this. Hope that helped! |
|
|
|
|
|
#4 |
|
John Burnette
War Room Member
Join Date: Aug 2007
Location: S.E. USA
Posts: 526
Thanks: 81
Thanked 65 Times in 55 Posts
|
You should also contact your hosting support. They should be able to pull up the logs for your account to help see what the problem is.
Thanks, John |
|
|
|
|
|
|
|
|
#5 |
|
PhpMembersScript.com
War Room Member
Join Date: Aug 2008
Location: South Carolina, USA
Posts: 4,668
Blog Entries: 2
Thanks: 449
Thanked 750 Times in 485 Posts
|
If interested send me a PM with specific details of what happened and I can look into some things for you ... Have done several security consults on here and some security jobs... I have also wrote the very popular WordPress Secured ebook..
James |
|
Article Directory/Tools/Spinner | Upto 1800+ Authority Bookmarks and Backlinks - Starts $8.77
Christmas PLR Pack - Articles, Templates, Graphics, Resources and More $8.97 MRR/RR Block SideWiki | Membership Script | WordPress Security |
|
|
|
|
|
|
#6 |
|
Internet Marketing Addict
Join Date: Aug 2006
Location: Antwerp, Belgium.
Posts: 314
Thanks: 1
Thanked 0 Times in 0 Posts
|
Thanks for the tips.
It still seems like the only thing that happened was the upload of an index.htm file... Isn't this a bit weird? Why bother then?
|
|
|
|
|
|
|
|
|
#7 |
|
PhpMembersScript.com
War Room Member
Join Date: Aug 2008
Location: South Carolina, USA
Posts: 4,668
Blog Entries: 2
Thanks: 449
Thanked 750 Times in 485 Posts
|
As explained in PM they uploaded the index file just to see if your wp was secured or not.. Now they know it is not.. In otherwords they was testing.
I have explained many times over no matter what version of WP you are running you WP is NOT secure.. There is nothing wordpress.org can do to stop the hacks. They can update until the cows come home and it will not do any good as the hackers get these updates also.. Only way to secure your WordPress is to do it yourself or hire a proper WordPress Security Dude.. Many people say "update" and "backup" thats the best you can do .. Well they are wrong, dead wrong... The past five years has seen the popularity of blogs grow in their use and as a means of making money. That's the meat that computer hackers look to sink their teeth into. A recent report by the Congressional Research Service stated that the financial impact of computer hackers amounts to $226 billion annually. Another report calculated that hackers could be taking up to six cents of every Internet dollar of revenue. Anyone that runs a wordpress site and does not get secured will eventually be hacked... James |
|
Article Directory/Tools/Spinner | Upto 1800+ Authority Bookmarks and Backlinks - Starts $8.77
Christmas PLR Pack - Articles, Templates, Graphics, Resources and More $8.97 MRR/RR Block SideWiki | Membership Script | WordPress Security |
|
|
|
|
|
|
#8 |
|
HyperActive Warrior
Join Date: Apr 2006
Location: , , United Kingdom.
Posts: 143
Thanks: 6
Thanked 4 Times in 4 Posts
|
Have you examined the content of the index file they uploaded?
It might be a Trojan horse. Then the hacker can use the file as a back door to plant other files on your site. For example fake banking site or other phishing site. Or they might set up a spam relay on your site. I have created some scripts to disable files that are added to my site by hackers. Just 2 days ago this foiled a hacking attempt on my site. PM me if you would like more details. |
|
|
|
|
|
|
|
|
#9 | |
|
PhpMembersScript.com
War Room Member
Join Date: Aug 2008
Location: South Carolina, USA
Posts: 4,668
Blog Entries: 2
Thanks: 449
Thanked 750 Times in 485 Posts
|
Quote:
Which also means the db itself could have already been compromised as well by the same hacker.. James | |
|
Article Directory/Tools/Spinner | Upto 1800+ Authority Bookmarks and Backlinks - Starts $8.77
Christmas PLR Pack - Articles, Templates, Graphics, Resources and More $8.97 MRR/RR Block SideWiki | Membership Script | WordPress Security |
||
|
|
|
|
|
#10 | |
|
Internet Marketing Addict
Join Date: Aug 2006
Location: Antwerp, Belgium.
Posts: 314
Thanks: 1
Thanked 0 Times in 0 Posts
|
Just found out a same file had been uploaded to another folder on the same server.
Both are folders that serve as addon domains. One has a WP install, so I have been reading quite a bit about securing WP. But the second file was uploaded to a folder that only has an index.html file and an empty cgi-bin folder... So I take it protecting my WP installation won't solve the problem... ![]() Quote:
hiphil, I'm setting up your EasySweepSystem - have sent you a PM about it. | |
|
|
||
|
|
|
|
|
#11 |
|
Senior Warrior Member
War Room Member
Join Date: Jun 2007
Location: Up North, USA
Posts: 2,168
Blog Entries: 11
Thanks: 75
Thanked 215 Times in 120 Posts
|
Can you simply rename the admin login page to something like seoni23iubfgws.html and then keep that filename somewhere safe? Also, with message moderation on, are you safe (at least more so?).
TomG. |
|
|
|
|
|
|
|
|
#12 | |
|
PhpMembersScript.com
War Room Member
Join Date: Aug 2008
Location: South Carolina, USA
Posts: 4,668
Blog Entries: 2
Thanks: 449
Thanked 750 Times in 485 Posts
|
Quote:
Simply renaming the admin index file will do nothing.. Hackers still know the path to your admin login and that is all they need.. The only way to protect the site is to protect wordpress, and there is no system out there but WordPress Secured that will explain to you how to protect wordpress.. I certainly would not install more scripts that ask for private information such as logins to try and protect something that was already hacked to begin with .. But that's me I guess, I have been building websites for over 15 years... James | |
|
Article Directory/Tools/Spinner | Upto 1800+ Authority Bookmarks and Backlinks - Starts $8.77
Christmas PLR Pack - Articles, Templates, Graphics, Resources and More $8.97 MRR/RR Block SideWiki | Membership Script | WordPress Security |
||
|
|
|
|
|
#13 |
|
Elite Warrior Member
War Room Member
Join Date: Jun 2007
Location: United Kingdom.
Posts: 2,829
Blog Entries: 1
Thanks: 196
Thanked 64 Times in 49 Posts
|
Happened to me a while back.
Check all your root folder contents for unusual files and DON'T upload a backup of your site unless 100% sure he wasn't in their when you backed-up. Anyhoo, don't take my or anyone elses advice before contacting your host who is trained to get rid of these problems fast! Louis.... |
|
|
|
|
|
#14 |
|
Senior Warrior Member
War Room Member
Join Date: Jun 2007
Location: Up North, USA
Posts: 2,168
Blog Entries: 11
Thanks: 75
Thanked 215 Times in 120 Posts
|
Just be careful about your host's tech support. Some of these guys really have no clue what they are doing. Once you find a good one, try to ask for the same person.
TomG. |
|
|
|
|
|
|
|
|
#15 | |
|
PhpMembersScript.com
War Room Member
Join Date: Aug 2008
Location: South Carolina, USA
Posts: 4,668
Blog Entries: 2
Thanks: 449
Thanked 750 Times in 485 Posts
|
Quote:
James | |
|
Article Directory/Tools/Spinner | Upto 1800+ Authority Bookmarks and Backlinks - Starts $8.77
Christmas PLR Pack - Articles, Templates, Graphics, Resources and More $8.97 MRR/RR Block SideWiki | Membership Script | WordPress Security |
||
|
|
|
![]() |
|
| Tags |
| hacked, site |
| Thread Tools | |
|
|
![]() |