HELP: hacked by Dos-Dz Team Defaced by protocol ? « Support Forum | Kriesi.at

HELP: hacked by Dos-Dz Team Defaced by protocol ?

4 posts from 2 voices

Tags:

No tags yet.

hyperhead
Member

It looks like our nonprofit site using Habitat was hacked... here's a screen shot:
https://skitch.com/rossteasley/rdje5/temp-12-05-016

We are restoring from backups now and rebuilding the lost work, but our hosting company claims there must be some vulnerability in the Habitat theme. They suggest we delete Habitat and use a different theme. I don't agree, but I'm not a hosting or security expert. Seems to me it could as easily be a plugin as the theme itself...

We've been buying and using Kriesi themes for a while now and have good confidence in them... has anyone else seen this particular hack exploit before and do you have any suggestions about how to defend against it?

We're using WP 3.0, and here are the plugins currently running:
https://skitch.com/rossteasley/rdjkj/temp-12-05-017

Thanks everyone for any suggestions you might have!!!

Posted 2 years ago #
Dude
Dude

It would be interesting what file permissions you set for plugin, theme, etc. directories. Often users forget to reset permissions after configuration and 777 is like an invitation for hackers.

Posted 2 years ago #
hyperhead
Member

Thanks for the follow up, Dude. Good point... We're double-checking all those settings now, but on first glance it, I didn't see any 777s.

Posted 2 years ago #
Dude
Dude

Maybe your hoster can provide some logs? They can help you/us to find weak points.

Posted 2 years ago #

You must log in to post.