Viewing 4 posts - 1 through 4 (of 4 total)
  • #2463

    It looks like our nonprofit site using Habitat was hacked… here’s a screen shot:

    https://skitch.com/rossteasley/rdje5/temp-12-05-016

    We are restoring from backups now and rebuilding the lost work, but our hosting company claims there must be some vulnerability in the Habitat theme. They suggest we delete Habitat and use a different theme. I don’t agree, but I’m not a hosting or security expert. Seems to me it could as easily be a plugin as the theme itself…

    We’ve been buying and using Kriesi themes for a while now and have good confidence in them… has anyone else seen this particular hack exploit before and do you have any suggestions about how to defend against it?

    We’re using WP 3.0, and here are the plugins currently running:

    https://skitch.com/rossteasley/rdjkj/temp-12-05-017

    Thanks everyone for any suggestions you might have!!!

    #38110

    It would be interesting to know what file permissions you set for the plugin, theme, etc. directories. Often users forget to reset permissions after configuration, and 777 is like an invitation for hackers.
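
A check for the permissions point raised in the post above, as an added example that is not part of the original thread: it lists every world-writable entry (any mode with the other-write bit set, such as 777) under a WordPress root and can clear just that bit. The function names and the `wp-content` layout check are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Assumes the standard WordPress layout
# (a wp-content/ directory directly under the site root).

# List every world-writable file or directory under a WordPress root.
# Output: one "dir <path>" or "file <path>" line per finding, sorted by path.
audit_world_writable() {
    local root="$1"
    if [ ! -d "$root/wp-content" ]; then
        echo "audit: no wp-content under '$root'" >&2
        return 2
    fi
    # -perm -0002 matches entries whose "other" write bit is set (777, 666, 757 ...).
    # Symlinks are skipped: access is decided by the target's mode, not the link's.
    find "$root" ! -type l -perm -0002 -print | sort | while IFS= read -r path; do
        if [ -d "$path" ]; then echo "dir $path"; else echo "file $path"; fi
    done
}

# Remove only the world-write bit from each finding; owner and group bits stay as set.
tighten_world_writable() {
    local root="$1"
    audit_world_writable "$root" | while IFS= read -r line; do
        chmod o-w -- "${line#* }"
    done
}
```

Run `audit_world_writable /path/to/site` first and review the list before calling `tighten_world_writable`, since an upload or cache directory may need group write access for the web server user.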

    #38111

    Thanks for the follow-up, Dude. Good point… We’re double-checking all those settings now, but on first glance, I didn’t see any 777s.

    #38112

    Maybe your hoster can provide some logs? They can help you/us to find weak points.

The topic ‘HELP: hacked by Dos-Dz Team Defaced by protocol ?’ is closed to new replies.