ju1ie

I have the same issue also (after upgrading to 2.8). I have mine deactivated also, and everything is back to normal again. I wish I could use the plugin again. I miss my smilies. ??

i just talked to my hosting company and they told me that they are getting this error: [Thu May 17 13:41:39 2007] [error] [client 72.12.208.4] mod_security: Access denied with code 403. Pattern match “!(^application/x-www-form-urlencoded$|^multipart/form-data;)” at HEADER(“Content-Type”) [severity “EMERGENCY”] [hostname “loveju1ie.com”] [uri “/wp-admin/index-extra.php?jax=devnews”]

how can this be fixed????

I’m having the same problem. I want to know how to fix this as well.

I tried to “repair” my wordpress database and that didn’t work. I really don’t want to delete the recent posts that I’ve made to my wordpress site. I have found a backup (dump) of a previous wordpress database prior to getting hacked. But the SQL is in notepad/text format. I don’t know if that’s alright or not. Do I have to delete my wp_posts when restoring my wordpress database?

Yeah, I don’t have (both) of them installed. Right now, I just have Rich’s version on my site.

I’ll try restoring the database and see what happens. Hopefully that will do the trick.

Thanks for your help!

I’m having the same problem. I’m using the latest version of wordpress( 2.05 )and I’m showing no cache folder in my wp-content at all. What should i do?

PS. I downloaded wordpress again, and copied everything to my wordpress site; now its still not showing in my wp-content. I also manually created a cache folder, but I don’t think wordpress is using it.

Some of my plugins aren’t working either. I have custom smiley’s and Rich Hamilton’s Catagory visibility and none of them are showing in the “manage” tab. I have both of them activiated, but I can’t figure out why its not showing in the “manage tab”.

If I stop it from listing on the index page if I try to click on the link it doesnt display there either..

I receive Sorry, no posts matched your criteria.

I have the same problem!!!^ ??

Yes, my host/support& abuse team did the ftp logging for me; and they didn’t say much about it (yet); they asked me if they hacker returned and I told them they the hacker did return; and they said i had some unstable scripts prior to getting hacked (for example and ask n’ answer script was very old and unstable and had alot of vulnerabilities in it). So they told me to delete any scripts that would be unstable and to change my password in my cpanel/ftp/wordpress and that’s pretty much all they said about that.

I am still discussing it with my host though.

I have been talking with my hosting about my recent site hack and they told me this:

There are some cases of XSS attacks on these type of applications, which are essentially used to steal confidential data from a user. If your site uses cookie based authentication, then this could be possible. It is often better to utilize scripts which are session capable, and store the authentication token in the php session, since it is stored server side. You may want to check that out with the wordpress folks. It stops most XSSs, as cookie data is often the target of XSS attacks.

Also ask the wordpress folks if they know of any good mod_security rules to protect WordPress. I have not really found any WordPress specific rulesets, just general rule sets which apply to more SQL injection attacks.

So do any of you know any mod_security rules to protect wordpress?? Any feedback would be appreciated!

I never got any instructions from my host when i downloaded the log files or any info to put in to get the ftp logs. I’ll try contacting my host again.

I downlaoded it and i’m seeing the https://ftp.mysite-ftp_log

but when i put in the https://ftp.mysite-ftp_log and my password it gives me an error. i think i’m doing it wrong though.

i have cute ftp 7 professional.

I’m not sure how to ftp in the logs. I’m sorta new with the whole Ftp thing….

Yeah, I had the raw log manager enabled prior to getting hacked; so the monthly logs are archived. When you say to go into the “Raw logs manager” how do i ftp then download that month’s archive. I’m not sure what you mean by proxies either. I’m not to familiar with proxies. i just know about IP’s and that’s it. ??

Thanks for the reply. The IP’s that sitemeter caught was this: 196.202.61. and 196.202.69.

How do i look through the apache logs? I’m sure its in the cpanel; but i’m not sure how to go about looking through the apache logs. I think i will need your help after all. Thanks again for helping me out on nailing this hacker.