code injection in functions.php
- This topic has 6 replies, 3 voices, and was last updated 10 years, 10 months ago by jroytw.
May 20, 2013 at 3:47 am #41791 jroytw Member
I have had a website running Genesis for some months, and today my host told me that my website was hacked. I found the code in the file functions.php of my child theme. This file was very simple, just some add_filter and a function to customize the footer. Do you know how to protect my website from hackers?
May 20, 2013 at 6:03 am #41799 Anita Keymaster
Please post a link to your website. Not all hosting companies know what they are talking about.
Love coffee, chocolate and my Bella!
May 20, 2013 at 6:34 am #41809 jroytw Member
I cleaned up the code so you will not see anything in the code, and people in this hosting company really know what they are talking about.
I got this problem with many websites (all with the same hosting company). All my websites are running WordPress, some with a child theme of Genesis, some with a child theme of TwentyTen/TwentyEleven, and another website with a theme from another theming company.
All these websites were hacked last week. For half of them a base64 code was injected in many files (WP files and theme files), and for the Genesis theme it was different: the hacker injected PHP code directly in functions.php.
Another thing, I wasn't the only one on this shared server, most of the WordPress sites were hacked.
May 20, 2013 at 6:50 am #41812 Anita Keymaster
Then your hosting company did NOT tell you about the Brute Force Attack affecting all WORDPRESS websites across all of the hosting companies. It started in April and they should have made you aware of this issue. You need to change all of your user IDs and passwords on your account. If you have any accounts with the default USER ID of say, ADMIN or ADMINISTRATOR - the injection goes to your login, and the code basically runs a check to see if there are user IDs set up with those names - if so, then they run a code to hack the password.
So you need to make your user IDs and passwords stronger. Brad Dalton did a great video on walking you through changing out the ADMIN or ADMINISTRATOR videos here - http://www.youtube.com/watch?v=gvq36XUAYHI.
Do a search on Google for "Brute Force Attack" from the last month and you will see all of the news about it.
But.... your hosting company should have made you aware of this.
PS: You can also use this free tool to generate strong passwords:
Love coffee, chocolate and my Bella!
May 20, 2013 at 6:52 am #41813 Victor Font Moderator
One of my customer's sites was hacked several months ago. The breach occurred when they hacked FTP and gained access to the file system. They installed a plugin, hacked functions.php and the theme's css file. It was easy enough to clean up once the initial shock and sense of being violated wore off.
Regards,
Victor
https://victorfont.com/
Call us toll free: 844-VIC-FONT (842-3668)
Have you requested your free website audit yet?
May 20, 2013 at 6:54 am #41815 Anita Keymaster
I don't know if we bumped heads on posting, but make sure you read my message above yours.
Love coffee, chocolate and my Bella!
May 20, 2013 at 6:57 am #41816 jroytw Member
Anitac,
the first attack on my website started 2 years ago, not last April...
and I already did all you said about strong passwords.
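Added example, not part of the thread and not any poster's code: a file-integrity audit for the two injection styles described above (base64-wrapped code in WP and theme files, and plain PHP added to functions.php). It assumes a baseline snapshot taken from a known-clean copy of the site; the function names, file contents and paths in `demo()` are constructed for illustration.

```python
import hashlib, re, tempfile
from pathlib import Path

# Obfuscation idioms common in injected PHP: eval() wrapped around a decoder,
# or a very long unbroken base64 run inside a source file.
SUSPECT = re.compile(
    rb"eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\("
    rb"|[A-Za-z0-9+/]{200,}={0,2}")

def snapshot(root):
    """Map each PHP file (path relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*.php"))}

def audit(root, baseline):
    """Return {path: [reasons]} for files that changed, appeared, vanished or look obfuscated."""
    current, findings = snapshot(root), {}
    for rel, digest in current.items():
        reasons = []
        if rel not in baseline:
            reasons.append("new file")
        elif baseline[rel] != digest:
            reasons.append("modified")
        if SUSPECT.search((Path(root) / rel).read_bytes()):
            reasons.append("obfuscated code")
        if reasons:
            findings[rel] = reasons
    for rel in baseline.keys() - current.keys():
        findings[rel] = ["deleted"]
    return findings

def demo():
    """Constructed sample tree: a clean child theme, then two simulated injections."""
    with tempfile.TemporaryDirectory() as d:
        theme = Path(d) / "wp-content/themes/child"
        theme.mkdir(parents=True)
        fn = theme / "functions.php"
        fn.write_text("<?php add_filter('the_content', 'my_footer');\n")
        (Path(d) / "index.php").write_text("<?php require 'wp-blog-header.php';\n")
        baseline = snapshot(d)  # taken while the tree is known clean
        # Plain PHP appended to functions.php: nothing for a pattern scan to match.
        fn.write_text(fn.read_text() + "<?php include '/tmp/constructed.php';\n")
        # Base64-wrapped code written into a core file (payload decodes to "ABC").
        (Path(d) / "index.php").write_text("<?php eval(base64_decode('QUJD')); ?>\n")
        return audit(d, baseline)

if __name__ == "__main__":
    for path, why in sorted(demo().items()):
        print(path, why)
```

The hash comparison is what catches the plain-PHP change to functions.php; the pattern match alone would only flag the base64-wrapped file.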