
My WordPress Site Was Hacked

June 22nd, 2008 | Posted in Technical Writing

My site was hacked today. Usually when someone says “my site’s been hacked,” the first response is, are you sure you didn’t screw something up yourself? Yes, I’m sure. Someone twittered that my tinyurl was showing a login page. Actually, for me it showed the install page below:

But I hadn’t been upgrading or installing anything. Something was definitely wrong.

I wondered if it was a hacker, so I searched the WordPress forums and found a post indicating a similar experience. Not only did my blog show the install screen rather than content, the wp_options table in the database also needed to be repaired.

I guess I’m used to not freaking out when things are broken. And just last week, I backed up my blog. So I was calm about it. Still, it surprised me that I didn’t start hyperventilating or getting even the least bit stressed. Maybe that’s a spinoff of having become a technical writer. Oh, it’s broken? Let’s see what seems to be the matter ….

Anyway, if you have the same hacked symptoms, here’s how you fix it:

  1. Enter your web host’s cPanel, click the MySQL database button, select the database for your blog, and then click the Repair Database button. This should fix the wp_options table and allow your site’s content to reappear, rather than the install screen.
  2. Log in to your site, click the Users tab, and delete any new admin users. I had someone in there with the email mdburke@maine.edu.
  3. Delete the 30+ new “Hello World” and “About” posts.
  4. Change your password to your site and web host to something much stronger.
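
The checks behind steps 1 to 3 can also be run as queries from phpMyAdmin or the MySQL client. This is an added example, not part of the original post. It assumes the default `wp_` table prefix and MyISAM tables, and the date is a constructed placeholder to replace with the last day you know the site was clean.

```sql
-- Assumptions: default table prefix wp_, MyISAM storage engine
-- (REPAIR TABLE does not apply to InnoDB tables).
-- Constructed placeholder: set this to your last known-good date.
SET @last_known_good = '2008-06-15 00:00:00';

-- Step 1: confirm the damage, then repair only the affected table.
CHECK TABLE wp_options;
REPAIR TABLE wp_options;

-- Step 2: list every account holding the administrator role, newest first.
-- Roles are stored in wp_usermeta under <prefix>capabilities as a
-- serialized PHP array, so match on the quoted role name.
SELECT u.ID, u.user_login, u.user_email, u.user_registered
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%"administrator"%'
ORDER BY u.user_registered DESC;

-- Step 3: list posts and pages created since the last known-good date,
-- with the authoring account, so injected entries stand out.
SELECT p.ID, p.post_type, p.post_status, p.post_date,
       p.post_title, u.user_login
FROM wp_posts AS p
LEFT JOIN wp_users AS u ON u.ID = p.post_author
WHERE p.post_date >= @last_known_good
  AND p.post_type IN ('post', 'page')
ORDER BY p.post_date;

-- Repeated titles are a quick signal: a fresh install creates each
-- default title only once.
SELECT post_title, COUNT(*) AS copies,
       MIN(post_date) AS first_seen, MAX(post_date) AS last_seen
FROM wp_posts
WHERE post_type IN ('post', 'page')
GROUP BY post_title
HAVING COUNT(*) > 1
ORDER BY copies DESC;
```

Only the `REPAIR TABLE` statement changes anything; the `SELECT` statements are read-only, so review their output before deleting users or posts through the admin screens.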

That’s about it. I’m not sure what the hacker’s point was. I do have the latest version of WordPress (2.5.1).

As a measure of prevention against future attacks, I installed the Ask Apache Password Protect Plugin, which was recommended in this WordPress Codex article on “Hardening WordPress.” Actually, this plugin turned out to be problematic. It locked me out of my admin panel completely. If this happens, just delete the new .htaccess file that appears in your wp-admin folder, and you should be able to log back into your site.



Comments


9 Responses to “My WordPress Site Was Hacked”

  1. Oh Tom, that’s just terrible. Thanks for reminding me that I need to back up my fresh install. I’m glad to learn from others’ experiences.

    Keep on writing.

    Tony Chungs last blog post..My visit with The Shack

  2. Thanks for reminding me that I must back up my blog database :)

    Your blog is one of my preferred!

  3. Tom, my blog had the same issue just an hour ago. I googled, and found your post here. Did what you wrote, except for the SQL repairing thing, I must query repair wp_options. But it did fix the problem though. Thanks for the advice! I did search for unusual user accounts with admin privilege but nothing found. I’m now trying to strengthen everything I could for the blog.

    Thanks again!

  4. Kelly, glad you were able to find this post and solve the problem. I noticed a couple weeks later that all my pages had become posts, but I don’t know if the problem was related to the hack at all. Still, you might want to check on that.

  5. That sucks about getting hacked. Good thing you had a recent backup!

    Sheri Bigelows last blog post..Google AdWords Keyword Tool Starts Showing Approx Search Volume Numbers

  6. I had the same thing happen to one of my blogs. Looks like it was broken for about 24 hours before the hacker came back and added the account and pages.

    I was running 2.6

  7. oh I should get a blogger blog :)

  8. nice info bro :)
    pass overs last blog post..SEC Web Guidelines Vex Press Release Services

  9. Yes, it’s important to back up the data. Thank you very much for your post. I think Blogger is less prone to such hacks. Anyway, it’s better to have a backup.

    Srikis last blog post..Hacking Yahoo Messenger
