Did I get hacked?

Discussion in 'Databases' started by PostProphet, Apr 25, 2008.

0
  1. #1
    I went into phpadmin into several wordpress blogs of mine to manually backup my database.

    I start seeing tons of extra tables that looked like:

    wp_2comments
    wp_2options
    etc...

    They are stuffed with keywords and links

    how did they do this and how do I keep this from happening again?

    thanks!
     
    PostProphet, Apr 25, 2008 IP
  2. amanamission

    amanamission Notable Member

    Messages:
    1,936
    Likes Received:
    138
    Best Answers:
    0
    Trophy Points:
    210
    #2
    Those are probably spam comments intercepted by Askimet (if you use it.)
     
    amanamission, Apr 25, 2008 IP
  3. only1idea

    only1idea Peon

    Messages:
    46
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    i don't think it's a hack
     
    only1idea, Apr 25, 2008 IP
  4. th13rteen

    th13rteen Banned

    Messages:
    300
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #4
    Nah. I don't think so. May have been created by one of your plugins. Well just see if there is anything suspicious going on.
     
    th13rteen, Apr 25, 2008 IP
  5. jestep

    jestep Prominent Member

    Messages:
    3,659
    Likes Received:
    215
    Best Answers:
    19
    Trophy Points:
    330
    #5
    Whether you did or not, in most cases it's not a good idea to give a script full permissions on a database. If you are running wordpress, give it select, insert, update, delete and then give it full permission only when you need to upgrade.
     
    jestep, Apr 25, 2008 IP
  6. PostProphet

    PostProphet Peon

    Messages:
    24
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #6
    thank you for the info.

    jestep, when you say script, do you mean plugin?


    wordpress standardly has only 10 tables, on a couple blogs I saw twice as many, and on another even 3 times as many. when I viewed the sql file it was nothing but hundreds of links and keywords. would putting a index.htm file in the plugin folder stop this, that away bots can't see what plugins I"m running and exploit them?
     
    PostProphet, Apr 25, 2008 IP
  7. jestep

    jestep Prominent Member

    Messages:
    3,659
    Likes Received:
    215
    Best Answers:
    19
    Trophy Points:
    330
    #7
    Do you have bad behavior or another spam blocking plugin? This may be what is causing the problem. Also did you recently upgrade wordpress? SOmetimes if an update gets messed up, you can end up with old tables that should have been deleted.

    Usually plugins use the same config file as wordpress. I would only give that user that you specify in the config file, select, insert, update, delete privileges.
     
    jestep, Apr 25, 2008 IP
  8. PostProphet

    PostProphet Peon

    Messages:
    24
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #8
    yeah i use Askimet. i remember seeing those privileges somewhere, but where do i change them? the server admin panel?
     
    PostProphet, Apr 25, 2008 IP
  9. PostProphet

    PostProphet Peon

    Messages:
    24
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #9
    Ok, I found out the issue,

    The reason why there were extra tables was because I had 2 other blogs on the same database. Since I erased the other tables except for the original 10, the other 2 blogs started from scratch. I restored the template and now I just get that one welcome to wordpress blog post.

    I have backups, so how do I get all of the posts back onto the blog? I tried to import it, but the posts aren't showing up on the blog.

    Any help would be greatly appreciated.
     
    PostProphet, Apr 26, 2008 IP