• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 133
  • Last Modified:

Word Press - Someone wrote to index.php

I was visiting a website I created in WordPress.  When I went to www.mywebsite.com, I got this javascript alert:
"your site may be victim of hackers we offer a solution can contact us sebastiano.gz123@gmail.com"

after downloading the site files, I see that index.php has been physically changed to include this code at the very top:
<script>
alert('your site may be victim of hackers we offer a solution can contact us sebastiano.gz123@gmail.com')
</script>

I removed it and the site is back to normal.

What I'm wondering is, how can someone write to index.php?  Are there security settings I should've been aware of?
I'm using a theme I made - only the second one I've ever done, but I don't know how that would open up WordPress to a hacker.

No other sites on my server seem to be affected (including WordPress sites).

Any suggestions on things I can do to make sure this hack doesn't happen again?  I'm sure it will...

Thanks!
0
slightlyoff
Asked:
slightlyoff
  • 3
  • 2
2 Solutions
 
Jason C. LevineNo oneCommented:
What I'm wondering is, how can someone write to index.php?  Are there security settings I should've been aware of?

Sort of.  What happened is your hosting is compromised or you have vulnerability in a plugin or theme file that is being exploited.

I've written an in-depth article on this:

http://www.experts-exchange.com/Web_Development/Blogs/WordPress/A_10806-Recovering-From-and-Preventing-WordPress-Site-Hacks.html
0
 
Alicia St RoseOwner & Principle Developer/DesignerCommented:
You might want to sign up for Sucuri.net services. They are WordPress friendly! They will monitor your site and stamp out anything they find right when it's starts to happen.

They got rid of some crazy Viagra links that wouldn't die from one of my client's sites.
0
 
slightlyoffAuthor Commented:
Thank you for the help!  I'll take a look at Securi - I downloaded and installed the plugin so we'll see how that goes.
I appreciate the info as well!
0
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

 
Jason C. LevineNo oneCommented:
Sucuri's plugin does very little by itself.  You would be better off with WordFence...
0
 
slightlyoffAuthor Commented:
I'll take a look at that one as well.  Thanks for the heads up.  I might use the service Sucuri offers as well - but being that this was my first theme - I wanted to really know what I missed (if it's my theme that's causing the leak)...  very annoying.  

Thanks again for the help!!!
0
 
Jason C. LevineNo oneCommented:
Might be your theme, but if you hand-coded it yourself then it's more likely a plugin or a folder/file permission set too high. If you altered an existing theme, it might be there.

If you are willing to pay for Sucuri's service, then the plugin and the service get a lot more awesome.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now