Comments on: Girlfriend’s website hacked :(

By: carlo

carlo — Mon, 26 Feb 2007 05:29:27 +0000

[quote comment="268"]Wow! Is this for real?[/quote]
Yeah this is real and a little sad. I can see why these people can try to hack a major blog but my girlfriend’s is a teeny lil site that’s brand new. Kinda lame huh?

By: Zeo

Zeo — Mon, 26 Feb 2007 04:59:52 +0000

Wow! Is this for real?

By: carlo

carlo — Wed, 21 Feb 2007 16:51:01 +0000

[quote comment="254"]shouldn’t we be looking to fix that rather than replacing the files every so often to cover it up?[/quote]

Quite possibly. This said, I have implemented this measure as a safeguard. One thing I would suggest is the CHMOD the files in /wp-content/themes/k2/ so that it is unable to be written to.

I personally enjoy CHMOD’ing all my files to 777 so I can make edits from inside WordPress, however, this is going to open these files up to attack.

FYI, the files on the girlfriends website were NOT 777 (RWX all). Weird!

By: Pete

Pete — Wed, 21 Feb 2007 12:53:37 +0000

Hmm, but if there is a vulnerability with K2, shouldn’t we be looking to fix that rather than replacing the files every so often to cover it up?

By: carlo

carlo — Tue, 20 Feb 2007 17:49:35 +0000

[quote comment="250"]Did you get any closer to the truth on this one? You can’t be that scared of K2 being hacked as you are still running it here and on your GF blog[/quote]

I know how to fix it now so I just upload a replacement of the file. I also have a cron which uploads the files every 6 hours just in case. I can’t move away from K2 – I like it WAY too much.

By: Pete

Pete — Tue, 20 Feb 2007 16:41:54 +0000

Did you get any closer to the truth on this one? You can’t be that scared of K2 being hacked as you are still running it here and on your GF blog