WP Security Problem: MySQL Injection Schema, Dataext, and fuzzer
 

Hi,

I noticed a s.py file in the website ftp.

Some kind of script called MySQL Injection Schema, Dataext, and fuzzer.

I also found a picture of some dumbass from Asia.

It's very frustrating being hacked.

Do you know what I should do about that? Anyone experienced that before?

Thanks
Adri

You have been the victim of an injection attack unfortunately.

You need to go thru your site, every directory, and look for suspect files. There are usually several rogue files that they install. They will usually have a php extension. They especially like to hide files in your uploads directory.

You should also reinstall WordPress being careful to follow directions on wordpress.org so you don't delete files you don't want to delete.

Make sure you keep your WordPress install up to date and your plugins as well.

Hi Violet,

Thank you for a very fast response.

The attack was done on a add-on domain. Should I verify every directory including other add-on domains and the main one?

Also, can you direct me to trusted sources on how to reinforce security on wordpress.

I actually deleted the whole wordpress installation, database, the domain, everything.

This was a dormant domain with a old wordpress running another framework (NOT genesis).

Adi

Genesis Rocks

Check every directory.

Google "secure wordpress" and you'll find several resources. There are lots of steps you can take.

Good luck!

Thank you

I'll work on it.

Adi