• Resolved 4k

    (@4k)


    One of my blogs was hacked by some idiot calling himself, h-one Marrocon hackerz or some such.

    Hackers can’t spell apparently.

    My password was also reset which I restored through the database.

    I have all my files chmod as 644 and 755 I have akismet and bad behaviour installed, is there anything more I can do?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Check through Hardening_WordPress.

    just read hardening wordpress out of interest, does this mean that wp-content files can be changed by anyone in the standard install? it says “/wp-content/ — variable user-supplied content: intended by Developers to be completely writable by all (owner/user, group, and public).

    * /wp-content/themes/ — theme files. If you want to use the built-in theme editor, all files need to be group writable. If you do not want to use the built-in theme editor, all files can be writable only by your user account” ” how would someone do that and how can i stop them if i still want to use the built in theme editor?

    Change the write permissions. IE, 777/666 is bad. 755/644 should be okay for those files. That makes them world-readable and world-executable, but not world-writable.

    Another thing you need to do is go into your database and change your admin username. Then pick a strong passphrase.

    Thread Starter 4k

    (@4k)

    Thanks. I’ve taken on some of those suggestions. Now if people could just go get a life. Sigh.

    How do I reset my password?
    Also, I have no backups to restore through the database.
    Is there any other way?
    Another thing I heard was to look at the plugins?

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Hacked’ is closed to new replies.