Home – New Forums Other discussions Hacked Website

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #978811
    Angelgirl
    Member
    • Total posts: 30
    Up
    0
    ::

    HI all

    Has anyone else had their webpage hacked by 1923TurkGrup????????
    I now have a great list of things to do, and as I am only new to websites I am really at a loss at how to do all this. I have a WordPress site (apparently this is really easy to hack into!!) and not sure if I can retrieve my files or not.

    Any help would be greatly appreciated.

    Debbie
    Get It Right Proofreading.com.au

    #1109683
    John C.
    Member
    • Total posts: 439
    Up
    0
    ::

    Hi Debbie,

    Wordpress is no easier or harder to hack than any other website. A username and password can be compromised by various different methods, and any website is vulnerable if security patches and updates aren’t applied regularly.

    In regards to recovering – do you have a backup of your website? If you don’t, then does your web hosting provider or website developer?

    The best way to recover from a hacked website is to delete all your files and restore from a known safe backup. It’s also important to make sure that you address whatever vulnerability they used to get in in the first place – did they get your username and password from somewhere? Did they take advantage of a security vulnerability in an old version of your server software? If you don’t know the answers to these questions (and I realise you probably don’t) then you should probably ask for help from your hosting provider or web developer.

    I use a plugin called BackupBuddy for performing regular backups of my websites. This plugin also inlcudes a malware scan and a discount to a security package called securi.net – one of the many features of securi.net is that if you buy a subscription, they will clean up any existing infections for you. It’s not cheap, but may be what you need if you don’t have anyone else to help you.

    Good luck.
    John

    #1109684
    Divert To Mobile
    Member
    • Total posts: 2,751
    Up
    0
    ::

    Great lesson for all.
    Dont use cheap hosting,
    keep an eye on your log files,
    use good passwords and change them regularly,
    dont save your passwords in your browser,
    make sure you always log out of your cpanel.

    Steve

    #1109686
    Angelgirl
    Member
    • Total posts: 30
    Up
    0
    ::
    Divert To Mobile, post: 122107 wrote:
    Great lesson for all.
    Dont use cheap hosting,
    keep an eye on your log files,
    use good passwords and change them regularly,
    dont save your passwords in your browser,
    make sure you always log out of your cpanel.

    Steve

    Hi Steve
    Actually it looks like it may have been my fault – but I thought it was through the hosting. I never save my passwords to browser, and always log out of everything. Looks like it was my password, which unfortunately I had not changed in a while. Oh well, we all learn don’t we?
    Debbie

    #1109687
    BrettM33
    Participant
    • Total posts: 1,372
    Up
    0
    ::
    Angelgirl, post: 122112 wrote:
    Hi Steve
    Actually it looks like it may have been my fault – but I thought it was through the hosting. I never save my passwords to browser, and always log out of everything. Looks like it was my password, which unfortunately I had not changed in a while. Oh well, we all learn don’t we?
    Debbie

    Do you know they got in via your password for sure!? One thing with using things like WordPress and many plugins is sometimes a plugin you use may be written by someone that doesn’t really know what they’re doing or isn’t really security conscious and may leave a “back door” open for hackers to get in.

    Even when you do know what you’re doing sometimes coders still miss things and hence this is why there are so many security patches released for software once back doors and such are discovered.

    Trouble is when using commercial software is anybody can download and inspect the code and try and find any vulnerabilities in the code and if any are found then word may get around that “x” problem exists with version “x” of certain software and hence hackers go around looking for sites still running said version; this is why a lot of commercial software no longer states the version number of the software in user accessible areas as then hackers could easily find vulnerable sites by doing a Google search; a good example would be PHPBB forum software used to show the version number and after one such attack on their software they removed the version number from the footer of their software.

    #1109688
    jacksonalsop
    Member
    • Total posts: 41
    Up
    0
    ::

    One of the most common ways WordPress installs get hacked is through exploiting unpatched issues with plugins.

    While it could have been a weak password on your behalf, I’m willing to bet it was most likely a plugin that you had installed that was used for the exploit.

    edit: A quick google brought up this: http://www.djerk.nl/wordpress/2009/hacked-but-not-for-long

    Looks like this group uses google to search for common exploits in various CMS installs and then messes with whatever sites that they can. They could have gotten in through a plugin or a theme you had installed. I’d have to see your actual site and go from there to figure out what it was.

    #1109689
    Netorigin
    Member
    • Total posts: 421
    Up
    0
    ::
    Angelgirl, post: 122098 wrote:
    HI all

    Has anyone else had their webpage hacked by 1923TurkGrup????????
    I now have a great list of things to do, and as I am only new to websites I am really at a loss at how to do all this. I have a WordPress site (apparently this is really easy to hack into!!) and not sure if I can retrieve my files or not.

    Any help would be greatly appreciated.

    Debbie
    Get It Right Proofreading.com.au

    Hi Debbie,

    I’d highly recommend reading this WordPress hacked guide (http://codex.wordpress.org/FAQ_My_site_was_hacked) as a check list.

    Cheers,
    Shaun

    #1109690
    kathiemt
    Member
    • Total posts: 1,167
    Up
    0
    ::

    So sorry to hear this Debbie. Updating plugins and versions of WordPress on a regular basis is important. It’s something I need to constantly keep on top of for my clients. I make sure I have a backup plugin set up too with regular backups created.

    Your webhost should be able to assist if you have challenges getting the site restored but I expect there are a few of us here too, who can assist.

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.