malcek Posted July 12, 2024 Share Posted July 12, 2024 Three days ago we noticed at first increase usage on our site. Today we have discovered that somebody has been hacked our administration. How they manage to pass our security i don't know. But now we have new instalation of wordpress web site. Front office is working well. Directories of adminstration that has been accessed: - autoupgrade - filemanager - themes - .htaccess file in administration directory. Did anybody expirience same hack? best regards, martin Link to comment Share on other sites More sharing options...
Mediacom87 Posted July 12, 2024 Share Posted July 12, 2024 Hi, Many sites were hacked this week, so it's important to clean up your entire hosting space, identifying the point of entry and potential vulnerabilities. Many third-party modules contain security holes. I've already published quite a few articles on the subject to help people out, but at some point it's worth getting a professional involved, given the time involved. Link to comment Share on other sites More sharing options...
malcek Posted July 12, 2024 Author Share Posted July 12, 2024 entire public_html directory or complete cpanel account? Best regards Martin Link to comment Share on other sites More sharing options...
Nickz Posted July 12, 2024 Share Posted July 12, 2024 Wordpress is the most hacked Installation there is, also due to being popular and the initial install over a Cpanel hostings are especially insecure. Cpanel install prestashop has the same install folder name, the WP install uses the same admin name all over. We are living in times where get rich quick or die trying is fashionable. Moreso if you are already close to the XXX scene. Many hacks in CMS are based on sql injection. Proper validation helps to avoid those. Link to comment Share on other sites More sharing options...
malcek Posted July 12, 2024 Author Share Posted July 12, 2024 2 minutes ago, Nickz said: Wordpress is the most hacked Installation there is, also due to being popular and the initial install over a Cpanel hostings are especially insecure. Cpanel install prestashop has the same install folder name, the WP install uses the same admin name all over. We are living in times where get rich quick or die trying is fashionable. Moreso if you are already close to the XXX scene. Many hacks in CMS are based on sql injection. Proper validation helps to avoid those. but i never use wordpress 🤔 Link to comment Share on other sites More sharing options...
Mediacom87 Posted July 12, 2024 Share Posted July 12, 2024 il y a 6 minutes, malcek a dit : entire public_html directory or complete cpanel account? Best regards Martin public_html only. 1 Link to comment Share on other sites More sharing options...
Nickz Posted July 12, 2024 Share Posted July 12, 2024 2 minutes ago, malcek said: but i never use wordpress It does not refer exclusively to wordpress. All CMS use a database when having a contact form. That is the way hackers take advantage of it. 1 Link to comment Share on other sites More sharing options...
Mediacom87 Posted July 12, 2024 Share Posted July 12, 2024 il y a 10 minutes, malcek a dit : but i never use wordpress 🤔 This hacker didn't install WordPress but files named as native WordPress files. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now