Community Forums › Forums › Archived Forums › General Discussion › website hacked
Tagged: hack
- This topic has 5 replies, 3 voices, and was last updated 9 years, 4 months ago by Davinder Singh Kainth.
-
AuthorPosts
-
December 10, 2014 at 10:49 pm #134250vioMember
My website was haked through the executive pro theme.
"We had to disable your site, because a nasty hack job occurred that resulted in hundreds of thousands of spam messages going out from your account/website. The event is still being investigated by our sysadmin, but here’s what we know so far...
- Spam came from your wordpress site
- There was a nasty backdoor in /hsphere/local/home/paulthibert/downtownchiropractor.ca/wp-content/themes/executive-pro
/help.php
- The hacker got control over bunch of stuff including your database.We may be able to recover from backup to before the time the attack happened, but if we do that, you'll have to lock it down really tight otherwise the hacker will use the same exploit as the first time. Something on the site is letting anyone upload without authenticating themselves. We still don't know what "
My site is now offline and they are refusing to let the same theme be used..
Any help is great,
http://downtownchiropractor.ca
PaulDecember 11, 2014 at 2:03 am #134258Davinder Singh KainthMemberDid you check on plugins installed on the site?
Rarely a theme itself is source of hack / trouble. It is when someone / some bot has illegal access, it infects theme files which further causes problem.
You can get professional services to fix such issue here - https://sucuri.net/
Sunshine PRO genesis theme
Need Genesis help? Davinder @ iGuiding Media | My Blog | Fresh Genesis ThemesDecember 11, 2014 at 11:05 am #134281anotherusernameParticipantWhich version of wordpress are you using? Were you up-to-date?
Also, is the help.php file native to the executive pro child theme? Or is it a php file that you created yourself or got off the web somewhere? Or maybe your ftp login / password was hacked and someone planted it there?
(I don't have executive pro but I don't remember seeing a help.php file before... I apologize in advance if it IS part of executive pro and I just am ignorant of it.)
December 11, 2014 at 12:28 pm #134286Davinder Singh KainthMemberI checked, help.php file is not contained in original theme package.
Sunshine PRO genesis theme
Need Genesis help? Davinder @ iGuiding Media | My Blog | Fresh Genesis ThemesDecember 11, 2014 at 5:57 pm #134333anotherusernameParticipantI checked, help.php file is not contained in original theme package.
Thank you for that confirmation, Davinder.
So the likely problem is:
1) They added a file with a backdoor in it
2) Their ftp / control panel login and password were compromised
3) They have a bad plugin with security flaw
4) they were using an outdated version of wordpress with a security flaw
5) Or their host has traced the problem to the wrong cause.
My guess is either 1, 2, or 3, but most likely 1.
December 11, 2014 at 9:35 pm #134341Davinder Singh KainthMemberYes and best way to fix this is - nuke everything and restore site from clean backup (hopefully there is one).
Sunshine PRO genesis theme
Need Genesis help? Davinder @ iGuiding Media | My Blog | Fresh Genesis Themes -
AuthorPosts
- The forum ‘General Discussion’ is closed to new topics and replies.