• Resolved frat001

    (@frat001)


    Hi everyone,

    I used Fantastico script (provided by my hosting facility) to install WordPress 2.0.4.

    This is the second time my database user’s info is hacked, the database is erased and the user deleted. My hosting has loaded my last backup very fast on my prior occasion but I am aware that this is not the final solution.

    I am a newbie so I am probably leaving something out there unprotected (I think it has to be related to the wp-config.php file. I have that file with 755 CHMOD).

    Can anyone point me at the security hole I am leaving out or tell me if there is something wrong with the script I am using?

    Thanks,
    Tony

Viewing 4 replies - 1 through 4 (of 4 total)
  • A) Upgrade to 2.0.5. I don’t know all the details, but I know it had some security related fixes.

    B) In general, you want your FILES to be 644 and Directories to be 755.

    I am a newbie so I am probably leaving something out there unprotected (I think it has to be related to the wp-config.php file. I have that file with 755 CHMOD).

    To “drill in” what handy said...

    1. wp-config.php contains your mysql information.
    2. You never want to chmod a file that contains sensitive information to 755. NEVER, EVER. For that matter, you never want to chmod a file like that to anything higher than 644.

    If in fact you had those particular permissions set, retrieving that information was probably no harder than bringing up your wp-config.php in a browser window.

    When it comes to that file, that's not a general rule, that's a must-do.
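    As an added example (not code from this thread, from handy or whooami, or from WordPress itself), a POSIX shell audit that applies the rule above, files 644 and directories 755, and flags a wp-config.php left at 755. The site tree it builds under mktemp is constructed purely for the demonstration.

```sh
#!/bin/sh
# Added example: audit a WordPress tree for permissions looser than
# files 644 / directories 755, using only POSIX find and chmod.

# Report files looser than 644 (any execute bit, or group/world write)
# and directories looser than 755 (group/world write) under $1.
# Prints offending paths; returns 1 if anything was found, 0 if clean.
audit_wp_perms() {
    found=$(find "$1" \
        \( -type f \( -perm -100 -o -perm -010 -o -perm -001 \
                      -o -perm -020 -o -perm -002 \) \) \
        -o \( -type d \( -perm -020 -o -perm -002 \) \))
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# wp-config.php specifically: 0 if it is 644 or tighter (600/640 also
# pass), 1 if it carries any execute bit or group/world write, e.g. 755.
check_wp_config() {
    [ -f "$1" ] || return 2
    loose=$(find "$1" -prune \( -perm -100 -o -perm -010 -o -perm -001 \
                                -o -perm -020 -o -perm -002 \))
    [ -z "$loose" ]
}

# Apply the fix the reply recommends: directories 755, files 644.
fix_wp_perms() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Constructed sample site (not real WordPress files) so the example runs
# stand-alone; wp-config.php is deliberately left at 755, the mistake
# described in the thread. Prints the site directory.
make_sample_site() {
    site=$(mktemp -d)
    mkdir -p "$site/wp-content/uploads"
    printf '<?php // constructed placeholder\n' > "$site/index.php"
    printf '<?php define("DB_PASSWORD", "placeholder");\n' > "$site/wp-config.php"
    chmod 755 "$site" "$site/wp-content" "$site/wp-content/uploads"
    chmod 644 "$site/index.php"
    chmod 755 "$site/wp-config.php"
    printf '%s\n' "$site"
}

# Demonstration run on the constructed site.
site=$(make_sample_site)
check_wp_config "$site/wp-config.php" || echo "wp-config.php is looser than 644, fixing"
audit_wp_perms "$site" || fix_wp_perms "$site"
check_wp_config "$site/wp-config.php" && echo "wp-config.php now 644 or tighter"
rm -rf "$site"
```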

    Sounds like you should change the passwords (to something not easy to guess would be good) on your host account login and MySQL db users as well.

    Not to belabor this, but for those who might read this thread and not understand, I wanted to clarify why I said “… probably no harder …” — there are situations where a file like that might have group/world-readable permissions but be protected from snooping by an .htaccess.

    From the sound of it though, that wasn't the case here.

  • The topic ‘2.0.4 WordPress hacked. Second time’ is closed to new replies.