Another WordPress site HACKED!

  • My blog just choked yesterday. A line of code was added to my header somehow:

    <META HTTP-EQUIV=”Refresh” Content=”1; URL=https://clkopa762.com.ru”>

    I can’t find that line of code for some reason. It doesn’t show up in any of my “Kubrick” files. If you hit stop immediately after my page loads you can see the site and view source.

    https://www.rustyhinges.com

    Any ideas for a fix?

Viewing 4 replies - 1 through 4 (of 4 total)

  • Your source shows you are still on 1.5.1.3, so you should probably upgrade immediately to 1.5.2!

    Look for the addition in the index.php in your blog’s root directory. This may not have been a WP hack…

    Thread Starter rustyhinges

    (@rustyhinges)

    Yep, it was in the index.php of the root directory. How in the world? And thank you Kafkaesqui!

    Moderator James Huff

    (@macmanx)

    How in the world?

    If the file’s permissions were 666 or higher, and if someone on your shared server managed to break in to your hosting environment, they would be able to edit the file and add whatever they wanted to. That’s why Kaf suggested, “This may not have been a WP hack.”

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Another WordPress site HACKED!’ is closed to new replies.