StudioPress Community Forums

StudioPress Community Forums (http://www.studiopress.com/support/index.php)
-   General Discussion (http://www.studiopress.com/support/forumdisplay.php?f=7)
-   -   Website Hacked - Any thoughts?? (http://www.studiopress.com/support/showthread.php?t=123239)

vfontjr 11-04-2012 12:06 PM
Website Hacked - Any thoughts??
 
A site I have manage somehow got hacked and defaced. The site is heartofmyheartorphanage.org. It uses the Genesis Outreach (Ver. 1) theme. I’ve repaired the damage, but thought you might appreciate the details. The hackers:

1. Changed the site’s admin account back to the default admin name and erased the admin email.
2. Installed a plugin called [iframe]
3. Replaced the site’s functions.php file with one of their own.

If anyone has any thoughts on how they did this, I'd appreciate hearing your ideas.

NicktheGeek 11-04-2012 06:56 PM
It can be a beast since it can occur in more than way. If you are lucky you can fix it by:
  • Replace all WordPress files except the wp-config.php file via FTP with a new clean download from wp.org
  • Delete all themes you aren't using including Genesis
  • Delete all plugins
  • Upload a new copy of Genesis and remove any malicious code from the child theme. Since the child theme is simple it should be easy to identify code that wasn't part of the original theme or code you added.
  • Log back into WordPress and change your password
  • remove any users you don't recognize
  • upload your plugins again, make sure they are clean copies
  • change FTP passwords and do a virus scan on your computer and any other computer that has FTP or admin access to the site.

You should check out this article
http://www.copyblogger.com/wordpress-website-security/


All times are GMT -5. The time now is 03:04 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.