Litespeed plugin uploaded w/o permission?!?

  • I’ve been working on switching my HTML site to WP for a few days and everything is going well, but this morning I saw that a Litespeed Cache plugin had been uploaded and activated! I never heard of the plugin and didn’t upload it.

    In addition to installing the plugin without permission, it configured not one, but THREE .htaccess files in my server directory.

    Yes, I’ve deactivated and deleted the plugin, and deleted all three .htaccess files, but that’s not the point. I understand WP is open source, but that doesn’t mean my server is.

    Sorry if I sound a bit miffed, but I’m hoping someone can explain how this happened. Thanks.

    Chris

Viewing 4 replies - 1 through 4 (of 4 total)

  • If you’re hosting your site on a LiteSpeed server, that’s “normal” thing in a way. ?? Happened to me as well, and that’s a kind of automatic feature. And the plugin is doing pretty good job as well IMHO.
    On the other hand if your hosting is not using LiteSpeed then it is rather unusual behaviour.

    Thread Starter thirdcharm

    (@thirdcharm)

    Hey sinip-

    Thanks for the reply. Yes, my web host uses Litespeed, but not sure I agree that it’s “normal” to install an unauthorized plugin that grants access to my directory without any permission or notice.
    I appreciate your input though.

    Thanks again.

    Thread Starter thirdcharm

    (@thirdcharm)

    I must be reading too much into this, which may well be true because I haven’t used WP before except on a localhost test site. I think I’ll stick with HTML for a little while longer.

    I have been researching this issue, because…well, here’s what happened. I got an email this evening from my host which said that my account had been compromised and one of my domains was guilty of spamming. I explained to my host that I do not use that domain for any email addresses and we both began looking into the problem. It appeared that I suffered an attack on my website at 7 am this morning and possibly another about 24 hours before.

    .htaccess files were changed. Multiple .htaccess files were added. My config files were changed (meaning somebody probably has my mySQL passwords–I changed them) and I had “litespeed” installed all at the same time. Also a number of files were infected…it’s a real mess.

    I highly doubt that you had the actual Litespeed plugin installed without your permission. You may want to check all your files and also virus scan.

    My host is claiming it’s my “outdated php code” that let the hacker in, but I think that’s the generic response. I am meticulous about my updates.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Litespeed plugin uploaded w/o permission?!?’ is closed to new replies.