Im using Wordpress 2.2.1. All of sudden I'm unable to post new items. It just shows a blank white page. Strange. I have seen similar problems on different forums while I was browsing. Good thing I stumbled to this topic. It's about a recent wordpress website exploit.
Quoting:
The hacker exploited several WordPress vulnerabilities in administrative scripts to gain full access to the website (as permitted to apache user), including the ability to upload & run scripts, delete any file owned by apache user, view the file and directories etc.
The author mentioned about a file that was planted in the /tmp directory. The file name according to him was ro8kbsmawge.txt. I immediately checked the server and bummer! The hacker was able to put this in the /tmp directory -->ro8kfbsmag.txt. :(
I removed the file and as expected, I was able to post and publish new topics again.
So for all the guys out there facing the similar problem, I urge you to check your mahines as they may be compromised. If you're on a shared hosting, fire a support request to your hosts so that they can also be alerted. I also urge you to read the link I gave you because it helped me a lot in solving my problem.
Lesson learned. Restrict the /wp-admin folder to your network or ip address only. I'll continue reading Angsuman's post so that I can also pinpoint where the hacker came from and block his ip address from accessing the server again.
0 comments
Post a Comment