• My WordPress blog has been hacked.

    https://gal-lori.com

    What do I do now to get it back? My host said it looked like a wp vulnerability but that my database should be ok. He suggested a clean install of wp but I wanted to check here first.

    Help, please?

Viewing 9 replies - 1 through 9 (of 9 total)
  • Were you on 2.3.3 before it was hacked?

    Thread Starter lorigreenberg

    (@lorigreenberg)

    Yes. 2.3.3. I re-uploaded my files from before the hack and the ugly front page of the hacker is gone but it still redirects to their domain.

    I removed their log-in information and replaced it with my own and my url but it still redirects to their site.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    I’m a novice at database stuff but in looking around I see that there were changes made to wp_options, in various places.

    What did I have set wrong that allowed them to get in and how can I change it to prevent it again?

    I got my blog running again…is there anywhere else I should be looking for changes they may have made?

    Thanks!

    Thread Starter lorigreenberg

    (@lorigreenberg)

    The email I got that alerted me to being hacked was one telling me that my password had been changed. Now I can’t log in. Where do I go (outside of wordpress) to get/change my password, since I can’t get in? I’m getting hung up when requesting a new password through the sign in screen.

    Then it tells me that my session has expired, to check for the confirmation link in my email. I never get an email after that.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    I’m ok now with the password thing but would like to know what to do to keep future hacks out of my database. Is this a wp setting or something with my host?

    Thanks in advance!

    (1) Set the display name to Nickname
    (2) Make up a username that cannot be easily guessed
    (3) Make up a password with special characters, Greek characters, numbers…
    (4) Don’t leave the content of any folder viewable. The content of your wp-includes is viewable. That may not be the route through which they got in. But you don’t have to show what they don’t have to see.

    That’s just a small, simple defense that you can exercise.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    Hi macsoft and thank you.

    I apologize in advance for being dense…here are questions on what you said to do:

    #1. Display name…the one in my profile settings? Does that mean to make the Nickname field and the display name the same?

    #4. Where do I change whether a folder is viewable? Is that the same as changing permissions?

    Thanks again…I really appreciate it!

    I would also like to know what is the best way to defend against hacking to our blog.

    lorigreenberg,

    #1 Yes, it’s under user’s profile. I would set a nickname that has no relation to your username. If the username of an admin account is revealed, then all they have to do to exploit your website is to guess the password in relation to that password.

    #4 Change the CHMOD of folders to 711. If you want to listen to others, then set it to 755 and put an index file in each folder. Oh, whoa… We have thousands of folders.

    >I would also like to know what is the best way to defend against hacking to our blog.

    Patrolling your website daily, twice or three times a day, is the best defense. Most victims aren’t even aware of problems. Many of them are out of reach and ignore our kind notifications. The worst group of webmasters is colleges and universities for that reason.
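
The folder advice in #4 above (711, or 755 plus an index file in each folder) can be audited across thousands of folders with a short script. This is an added example, not part of the thread: the function names and the index file names are assumptions, and it assumes the web server runs as a user other than the file owner, so the "other" permission bits decide whether a listing is possible.

```shell
#!/bin/sh
# Added example, not from the thread. Finds directories under a WordPress
# root that a web server running as "other" could list: world-readable
# (e.g. 755) and with no index file. 711 directories lack o+r and are skipped.

# Assumed index file names; adjust to the server's directory index setting.
INDEX_NAMES="index.php index.html index.htm"

has_index() {
    for name in $INDEX_NAMES; do
        [ -f "$1/$name" ] && return 0
    done
    return 1
}

# Print each listable directory under $1, one per line.
listable_dirs() {
    find "$1" -type d -perm -004 | sort | while IFS= read -r dir; do
        has_index "$dir" || printf '%s\n' "$dir"
    done
}

# Apply the 711 option to every listable directory under $1.
# Dry run unless the second argument is "apply".
lock_down() {
    listable_dirs "$1" | while IFS= read -r dir; do
        if [ "$2" = "apply" ]; then
            chmod 711 "$dir"
        else
            printf 'would chmod 711 %s\n' "$dir"
        fi
    done
}

# Constructed sample tree so the example runs offline.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/wp-includes/js" "$tmp/wp-content/uploads" "$tmp/wp-admin"
    chmod 755 "$tmp" "$tmp/wp-includes" "$tmp/wp-includes/js" "$tmp/wp-content" "$tmp/wp-content/uploads"
    chmod 711 "$tmp/wp-admin"
    : > "$tmp/index.php"
    : > "$tmp/wp-content/index.php"
    listable_dirs "$tmp" | sed "s|^$tmp/||"
    rm -rf "$tmp"
}

demo
```

On a real site, run `listable_dirs` against the WordPress root first and review the dry-run output of `lock_down` before passing `apply`.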

  • The topic ‘Hacked’ is closed to new replies.