7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

Links in Blog Hijacked

by warfore
6 replies
My site has been attacked and several of the links in posts or pages redirect to some other site where they want load some type of malicious software. This wp blog is hosted at Bluehost and they weren't much help in advising on what to do. They think it was a MySQL injection but were not sure. Any Warriors have any ideas on how to clean this up? Any help would be appreciated.:confused:
#blog #hijacked #links
  • Profile picture of the author Heidi White
    I'm not sure how to clean it up, here's a site I found that talks about .htaccess hacks that might prevent such problems in the future.

    A to Z of WordPress .htaccess Hacks|WPShout.com
    Example: Protect wp-config.php

    # protect wpconfig.php
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
    good luck

    Mostly Harmless
    {{ DiscussionBoard.errors[1567599].message }}
  • Profile picture of the author mreinfeldt
    Tony,

    I have a VPS solution in place and found out the hard way that someone had hacked my FTP password. This resulted in a whole series of porn and viagra sites being uploaded, spam mail going out, and most of my pages having malicious code injected on them. Took me forever to clean it up.

    My recommendation: immediately change all your passwords, if you have the capability, set it so your FTP is only encrypted, and lastly, review permissions on your files (if you are not making regular updates to them, set the perms to 444 instead of 666. This will make the scripts that inject code into your files fail, as they won't have perms to write to them.

    I hope that helps!
    Signature

    Matt Reinfeldt
    View my Naymz profile

    {{ DiscussionBoard.errors[1569958].message }}
    • Profile picture of the author warfore
      Thanks for the advice. I'm thinking of hiring a WF consultant to go in and take a look. Problem is that you have to give them access to cpanel which exposes all of your information (and I have shared hosting).
      Signature

      Regards,

      Tony

      {{ DiscussionBoard.errors[1569994].message }}
    • Profile picture of the author warfore
      Originally Posted by mreinfeldt View Post

      Tony,

      I have a VPS solution in place and found out the hard way that someone had hacked my FTP password. This resulted in a whole series of porn and viagra sites being uploaded, spam mail going out, and most of my pages having malicious code injected on them. Took me forever to clean it up.

      My recommendation: immediately change all your passwords, if you have the capability, set it so your FTP is only encrypted, and lastly, review permissions on your files (if you are not making regular updates to them, set the perms to 444 instead of 666. This will make the scripts that inject code into your files fail, as they won't have perms to write to them.

      I hope that helps!

      Which files are you referring to above?
      Signature

      Regards,

      Tony

      {{ DiscussionBoard.errors[1570002].message }}
      • Profile picture of the author mreinfeldt
        In my case, any .php, .html, .js, and .css files. Those were the ones they injected code into.
        Signature

        Matt Reinfeldt
        View my Naymz profile

        {{ DiscussionBoard.errors[1570068].message }}

Trending Topics