Results 1 to 10 of 10
  1. #1
    Join Date
    Jul 2007
    Posts
    2,051

    all wordpress blogs hacked

    In a strange turn of events, all the wordpress blogs in one of my Cpanel servers got hacked. The homepage of all the blogs show that it has been hacked by 3xp1r3. The strange thing is that all of them have different wordpress themes. If it was the same theme used in all the blogs, I would have thought it was some vulnerability of a particular theme, but here it is a different story. It leads me to believe that it is either some vulnerability in Wordpress or it is because of some malware in Cpanel leading to the hacking of the wordpress blogs. Does anyone know what could be the exact reason and a solution?
    Prashant T.

    Don't run after Success. Run after Excellence and Success will soon follow.

  2. #2
    Join Date
    Nov 2005
    Location
    /etc/fstab
    Posts
    1,342
    First thing comes in my mind, did you upgrade your Wordpress to 3.3.2 which was released on 20th this month before getting hacked?
    Mellowhost - Providing High Quality Web Hosting Services since 2007
    SSD Cpanel Shared, SSD OpenVZ & KVM VPS Hosting
    A Hosting Provider with Complete SSD VPS & Shared Hosting.

  3. #3
    Join Date
    Apr 2003
    Location
    London, UK
    Posts
    4,721
    You mentioned themes, but are the actual wordpress installs and any modules/plugins all up to date?

    *edit didn't see that ^ beaten ..

  4. #4
    Join Date
    Jul 2007
    Posts
    2,051
    I haven't seen all the wordpress websites' versions. A few of my own were not running the latest version. I upgraded them all now. However, the funny thing is that in the other servers where I have older versions running, none have been hacked. It is only in one server that all the wordpress blogs have been hacked.
    Prashant T.

    Don't run after Success. Run after Excellence and Success will soon follow.

  5. #5
    Join Date
    Apr 2003
    Location
    London, UK
    Posts
    4,721
    I think you just answered your original question. Exploiting one outdated install often gives a fairly easy path to any others on that box.

    Quote Originally Posted by prashant1979 View Post
    However, the funny thing is that in the other servers where I have older versions running, none have been hacked. It is only in one server that all the wordpress blogs have been hacked.
    Different server, you are probably just lucky nobody has queried the sites on that box yet. It's likely only a matter of time, update them!

  6. #6
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by prashant1979 View Post
    In a strange turn of events, all the wordpress blogs in one of my Cpanel servers got hacked. The homepage of all the blogs show that it has been hacked by 3xp1r3. The strange thing is that all of them have different wordpress themes. If it was the same theme used in all the blogs, I would have thought it was some vulnerability of a particular theme, but here it is a different story. It leads me to believe that it is either some vulnerability in Wordpress or it is because of some malware in Cpanel leading to the hacking of the wordpress blogs. Does anyone know what could be the exact reason and a solution?
    Your going to need a full server security audit along with updating all those blogs if you havent already done so
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  7. #7
    Always update the wordpress to latest releases as it fixes all the open vunrablities and check the permission of wp-config too.

  8. #8
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Prasanth,

    One click upgrades on wordpress works quite well but I'd also recommend you to have the wordpress RSS feed configured in your mail client to catch up with latest news and updates from the development team.

    You will need it with so many blogs running...

  9. #9
    Join Date
    Oct 2004
    Location
    Ohio
    Posts
    1,668
    Updating wordpress alone doesnt solve all the issues. I have seen quite a few hacked installs where the wp core files were up to date, but the user didnt update the theme and the theme was vulnerable and got them hacked. Plugins and themes and core files should all be updated.

  10. #10
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    16,703
    Quote Originally Posted by Chris_M View Post
    Updating wordpress alone doesnt solve all the issues. I have seen quite a few hacked installs where the wp core files were up to date, but the user didnt update the theme and the theme was vulnerable and got them hacked. Plugins and themes and core files should all be updated.
    Even that won't always do it.
    Passwords, admin usernames, ACL, databases, server firewalls settings, webserver settings, PHP permissions, etc.
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

Similar Threads

  1. Wordpress blogs being crawled to death
    By glace in forum Hosting Security and Technology
    Replies: 3
    Last Post: 06-10-2011, 07:54 AM
  2. A number of Wordpress Blogs hacked
    By webhostinggeek in forum Hosting Security and Technology
    Replies: 15
    Last Post: 12-24-2010, 02:08 AM
  3. 2 wordpress blogs and 1 database - How?
    By bambinou in forum Programming Discussion
    Replies: 19
    Last Post: 12-01-2010, 05:52 PM
  4. vps for wordpress blogs
    By LawrenceV in forum VPS Hosting
    Replies: 12
    Last Post: 04-21-2008, 06:07 PM
  5. Blogs - Wordpress
    By SPLForums in forum Web Hosting
    Replies: 5
    Last Post: 03-02-2005, 03:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •