Virus attack being uploaded via WordPress

  • It looks like someone has discovered a way to upload files using WordPress. So they are uploading thousands of files with a .numeric making it difficult to delete them all by hand.

    How can you prevent upload?

Viewing 5 replies - 1 through 5 (of 5 total)

  • It sounds like your sites may have been hacked.

    To stop this you need to close the issue.

    Carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.

    Anonymous User 17160716

    (@anonymized-17160716)

    codeaholic, heya.

    So they are uploading thousands of files with a .numeric

    So what’s inside these files?

    How can you prevent upload?

    If you are sure that this is a file upload (attack), then look at the log files and through what files were uploaded. If it’s a vulnerability, then you need to fix it.

    If these files are generated by some code (plugin?), then it’s worth disabling plugins one by one until it becomes clear what generates these files.

    Thread Starter salescart

    (@codeaholic)

    It is happening on multiple websites. The virus scanner is making them as viruses. The basically are files like .13141915 when no first part of the file name. I haven’t opened the files because they are flagged by the virusscanner. They are everywhere but mainly on the root of the folder and the content/uploads folders.

    How do I completely disable ALL UPLOADS and ALL discussion posting. I don’t even have any discussion forums going on yet I got to the Admin and people are posting spam discussions to a page that doesn’t even have a discussion on it.

    This software is not very safe at all from exploits.

    Anonymous User 17160716

    (@anonymized-17160716)

    codeaholic,

    The virus scanner

    Which one?

    no first part of the file name

    Something that generates all these files are trying to make’em hidden, that’s all.

    How do I completely disable ALL UPLOADS and ALL discussion posting. I don’t even have any discussion forums going on yet I got to the Admin and people are posting spam discussions to a page that doesn’t even have a discussion on it.

    What’s the technical side of this problem? I mean WordPress version (for each website), used (installed > enabled and disabled) plugins / themes and any custom code (if you have it). This will be a good starting point.

    This software is not very safe at all from exploits.

    WordPress CMS is pretty secured right out of the box, so your statement is really weird.

    Thread Starter salescart

    (@codeaholic)

    Eset NOD32 is the anti-virus.
    If you have a recommendation for a windows server, let me know.

    All of the web sites are completely different. WordPress 5.9. PHP 5.6.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Virus attack being uploaded via WordPress’ is closed to new replies.