hi there! i created the website (estupending.com) 2days ago, and today, have been hacked. Any ideia how they proceed? what should i do, to prevent things like this? regards.
When you installed WordPress, was there an installation/configuration script that you were supposed to delete but forgot? Did you change any directory or file "permissions" settings (such as to 777)? It looks like you've got a bunch of WP plug-ins installed. WordPress itself is vulnerable sometimes, and the plugins, too. Research any plug-in before you install it. You can do some research by browsing around at http://secunia.com/search/?search=wordpress. Look up every plug-in you use. Also research every non-WP plug-in and script that you get from outside sites, and every bit of code that you put on your page that gets its content from outside (like hit counters, etc.). Every one is a potential avenue for a hacker to get in. Don't just roam around the web grabbing every neat gadget you can find to put on your pages. You need to research every one. Too bad you got hit so soon after launching, but at least you didn't have a huge investment, so this is a good time to learn.
hi. thanks for the help! i have contacted the hacker and he propose to help me back with the security problems lol anyway.. i tryed to do everything by "the book" as far as i know. the necessary files, configuration, the permitions, a index.html in every directory to hide the content.. i get all the plugins from wordpress.org, and use those i think need, nothing more(even they seems so many). but in the future i'll use that site for the reviews! a question.. the best log and way to indentify the "changed files" by the hacker in the cpanel? yes, it's a new site, and already have a huge story lol and i'm trying to learn, as much i can!! thanks again! cheers
t1ag0 - Not only is your site hacked, its also dishing out a virus. As soon as I went to the site my anti-virus popped up, and the site tried to run an install script. Please remove the address from your post!!!!! Anyone with an out of date anti-virus might get their machine infected if they go to that site.
You can use cPanel > File Manager to inspect files manually, but the directory listings don't show changed dates. Very cumbersome. FTP would be easier, since you can sort on the Date Modified column. But they could have hacked the database, too, and that may not be easy if you're very new to this. For a brand new installation to get hacked so fast, something has to be seriously wrong. Could also be spyware on your computer that got hold of your password, so do a spyware check. Tell your webhost what happened. They might even help resolve it. You might find it easier to wipe the site, and start it again from scratch. Hopefully you have clean local copies of your HTML pages. If necessary, you can copy the text of your blog articles and then repost them after you rebuild the site. Until you're more familiar with the risks they pose, I'd omit shoutboxes and anything that allows users to comment, post, or otherwise submit content, and also leave out the third-party scripts like hit counters and stats scripts. Some other rules: use strong passwords; never use a password in more than one place.
i'll check with the ftp program! and got news.. probably it's my fault, but i'm not the only one in this server! (i'm doing the website 4fun, so i tryed a freehost) *board.freewebspace4me.com/showthread.php?t=689* yeah i got the original files, and a backup of DB before the attack, but in need to understand this deeply to avoid the same issues again! i'll follow all your advices! thanks again, for your patience and help