Yesterday my website was hacked. I am using v 3.0.4 of wordpress and all plugins are also updated. I am wondering what method the hacker used to penetrate my website. It deleted some of the content of my database making it useless, it deleted also all the plugin and themes. If I did not suspend my website may be all content was being deleted. My wp-config.php is writable and I am thinking that this is the mean reason why my website hacked. If you have any idea how the hacker get into my website please let me know to prevent further damage in the future. Thank you
Here's a useful article you should read. http://net.tutsplus.com/tutorials/wordpress/20-steps-to-a-flexible-and-secure-wordpress-installation/
Some tips: - Use security plugins - Use permissions on uploads, wp-content folder Now, how do hackers dig into your website might not be something that I am aware of, but I can tell you if the theme has been nulled, or if you have a weakly managed server, they get into it through scripts.
Hi, It seems that you give me an idea. Actually I am using thesis theme. I don't know how can it be nulled. What do you mean by it?
He means if you downloaded it for free from some sorta pirate channel. It could be a plugin issue depending on who wrote it though. It also depends on your server environment. If you have joomla running near by it becomes a bit easier to haxor stuff lol... Nigel
No. My theme is not pirated. And I don't have joomla also. Yes, your right joomla can be easily hack. I used it before but now I move to WordPress and Drupal.