Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Word Press - Someone wrote to index.php

Posted on 2015-02-07
6
Medium Priority
?
115 Views
Last Modified: 2015-02-09
I was visiting a website I created in WordPress.  When I went to www.mywebsite.com, I got this javascript alert:
"your site may be victim of hackers we offer a solution can contact us sebastiano.gz123@gmail.com"

after downloading the site files, I see that index.php has been physically changed to include this code at the very top:
<script>
alert('your site may be victim of hackers we offer a solution can contact us sebastiano.gz123@gmail.com')
</script>

I removed it and the site is back to normal.

What I'm wondering is, how can someone write to index.php?  Are there security settings I should've been aware of?
I'm using a theme I made - only the second one I've ever done, but I don't know how that would open up WordPress to a hacker.

No other sites on my server seem to be affected (including WordPress sites).

Any suggestions on things I can do to make sure this hack doesn't happen again?  I'm sure it will...

Thanks!
0
Comment
Question by:slightlyoff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 1000 total points
ID: 40596307
What I'm wondering is, how can someone write to index.php?  Are there security settings I should've been aware of?

Sort of.  What happened is your hosting is compromised or you have vulnerability in a plugin or theme file that is being exploited.

I've written an in-depth article on this:

http://www.experts-exchange.com/Web_Development/Blogs/WordPress/A_10806-Recovering-From-and-Preventing-WordPress-Site-Hacks.html
0
 
LVL 8

Assisted Solution

by:Alicia St Rose
Alicia St Rose earned 1000 total points
ID: 40597814
You might want to sign up for Sucuri.net services. They are WordPress friendly! They will monitor your site and stamp out anything they find right when it's starts to happen.

They got rid of some crazy Viagra links that wouldn't die from one of my client's sites.
0
 
LVL 1

Author Closing Comment

by:slightlyoff
ID: 40598319
Thank you for the help!  I'll take a look at Securi - I downloaded and installed the plugin so we'll see how that goes.
I appreciate the info as well!
0
Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 40598424
Sucuri's plugin does very little by itself.  You would be better off with WordFence...
0
 
LVL 1

Author Comment

by:slightlyoff
ID: 40598430
I'll take a look at that one as well.  Thanks for the heads up.  I might use the service Sucuri offers as well - but being that this was my first theme - I wanted to really know what I missed (if it's my theme that's causing the leak)...  very annoying.  

Thanks again for the help!!!
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 40598448
Might be your theme, but if you hand-coded it yourself then it's more likely a plugin or a folder/file permission set too high. If you altered an existing theme, it might be there.

If you are willing to pay for Sucuri's service, then the plugin and the service get a lot more awesome.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Part I (http://www.experts-exchange.com/Web_Development/Blogs/WordPress/A_8410-Getting-Started-In-WordPress-Part-I.html), I introduced you to the powerful WordPress backend, the WordPress administrative Dashboard.  In Part II, I will introduce yo…
So you have coded your own WordPress plugin and now you want to allow users to upload images to a folder in the plugin folder rather than the default media location? Follow along and this article will show you how to do just that!
The purpose of this video is to demonstrate how to integrate Mailchimp with WordPress, by placing a Mailchimp signup form on a WordPress Page or Post. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchi…
The purpose of this video is to demonstrate how to set up basic WordPress SEO. This will be demonstrated using a Windows 8 PC. The plugin used will be WordPress SEO by Yoast. Go to your WordPress login page. This will look like the following: myw…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question