• I just recently went through a 2-day ordeal wherein multiple IPs were used to exploit the wp-phpmyadmin installation on my websites.

    Apparently it created a backdoor and allowed exploits to inject code and create and { html:IFrame-PE [Trj] }.

    A very persistent attacker which set off Avast Antivirus…, but no other anti-virus programs.

    It took some time to determine whether the alert was valid, however, HostGator was able to verify it was an authentic alert and began digging.

    It ultimately exploited these files:

    /home/********/public_html/index.php
    /home/********/public_html/bakkehomes/index.php
    /home/********/public_html/wp-content/w3tc/min/index.php
    /home/********/public_html/bakkehomes.com/index.php

Viewing 5 replies - 1 through 5 (of 5 total)
  • Had this too. Auto re-install of WordPress removed it in about 1 second. But first I had to spend 30 minutes feverishly rooting around in the site before it occurred to me : )

    If there is a serious issue with this plugin, then please contact [email protected] with the plugin’s name and the details of the issue.

    I haven’t been able to connect this to a specific plugin. I did have an auto-resizer plugin and I uninstalled and deleted it. The exploit came back about an hour after I reinstalled WP.

    Anyone found a solution to this yet?? I get re-infected too … Thanks!

      I exported my WordPress database and downloaded all media
      Wiped my files from public_html
      Dropped WordPress DB using PHPMyAdmin
      Changed all passwords – WP, PHPMyAdmin, site cPanel
      Created new WordPress manually (not using cPanel) in a different directory than used previously (drawback: existing links to my blog now go to 404 page)
      Changed the DB table name prefix in config to something other than “wp_”, admin account to something other than “admin”
      Found a plugin to relink all URLs to new location
      Locked down the wp-config file chmod to 600
      Re-imported DB
      Virus-scanned media
      Uploaded media

    This is a major PITA I could have avoided if I knew to do all this years ago when I set it up. WordPress needs to do a better job of hardening at install IMHO.
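
Added example, not part of the original posts: a shell audit for three conditions named in this thread (wp-config.php at mode 600, a table prefix other than "wp_", and iframe markup in any index.php). The function name `audit_wp_tree` and the output labels are hypothetical, and the iframe check is a heuristic that assumes a clean index.php contains no iframe tag.

```bash
#!/bin/sh
# Added example: audit a WordPress document root for the conditions
# discussed in this thread. Prints one line per finding.
# Return status: 0 = clean, 1 = findings, 2 = no wp-config.php found.
audit_wp_tree() {
    root=$1
    cfg="$root/wp-config.php"
    findings=0

    if [ ! -f "$cfg" ]; then
        echo "MISSING no wp-config.php under $root"
        return 2
    fi

    # Check 1: wp-config.php should be exactly mode 600, as in the post.
    if [ -z "$(find "$cfg" -prune -perm 600)" ]; then
        echo "PERMS $cfg is not mode 600"
        findings=$((findings + 1))
    fi

    # Check 2: $table_prefix should not be the default "wp_".
    prefix=$(sed -n "s/^[[:space:]]*[\$]table_prefix[[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$cfg" | head -n 1)
    if [ "$prefix" = "wp_" ]; then
        echo "PREFIX default table prefix wp_ is in use"
        findings=$((findings + 1))
    fi

    # Check 3 (heuristic, an assumption of this example): any index.php
    # containing iframe markup is listed for manual review.
    hits=$(find "$root" -type f -name index.php \
               -exec grep -il '<iframe' {} + 2>/dev/null) || true
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits" | sed 's/^/IFRAME /'
        findings=$((findings + $(printf '%s\n' "$hits" | wc -l)))
    fi

    [ "$findings" -eq 0 ]
}

# Run against a path given on the command line, e.g.:
#   sh audit.sh /path/to/public_html
if [ -n "${1:-}" ]; then
    audit_wp_tree "$1"
fi
```

The admin account name lives in the database, so this file-level audit does not cover it.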

  • The topic ‘wp-phpmyadmin’ is closed to new replies.