[wp-hackers] wordpress theme script injection (hosted on dreamhost)
ozh at ozh.org
Sun Oct 31 18:15:51 UTC 2010
Typically not a Dreamhost issue, otherwise there would be *thousands*
of people screaming, and me in first line
Being up to date with WP is fine, but most hack on shared hosting are
not done using WP
- check file permissions <http://codex.wordpress.org/Hardening_WordPress>
- check other softwares & scripts running on your blog
- change your main/SSH/FTP password
- change your WP password
I once had a WP blog hacked on Dreamhost. A few hours of investigation
later (checking all the above + inspecting access logs) I found out
that the insecure stuff was Scuttle (a delicious clone).
On shared hosting WP is often the target, but rarely the entrance.
On Sun, Oct 31, 2010 at 4:07 PM, Mladen Adamovic
<mladen.adamovic at gmail.com> wrote:
> Hi guys,
> My wordpress software instance was repeatedly hacked ... running latest
> Wordpress source code and being hosted on Dreamhost.
> I don't know which exploit it did use and couldn't identify it, but it was
> adding the following code to my default theme footer.php:
> enc =
> dec = unescape(enc);
> I think I'll have to migrate to Blogger, since I couldn't identify exploit
> it did use.
> I wanted to drop you an email anyhow since identifying exploits is
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers