Burglary protection
DrOsd, 2014-04-10 12:25:50

How to fix a vulnerability in WordPress?

Every time someone manually hacks a WordPress site. The engine and all plugins have been updated. How to fix the vulnerability? What could be the problem?
Here is an example of queries that turned out to be decisive in the hack:

"POST /wp-admin//update.php?action=upload-plugin HTTP/1.1" 200 31285 "-" "python-requests/1.1.0 CPython/2.7.3 Linux/2.6.32-279.el6.x86_64" "-"
"GET /wp-admin/plugins.php?action=activate&plugin=wpppm%2Fwpppm.php&_wpnonce=8a91a1c70d HTTP/1.1" 302 0 "-" "python-requests/1.1.0 CPython/2.7.3 Linux/2.6.32-279.el6.x86_64" "-"

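A defender-side check for the pattern in the two log lines above, as an added example that is not part of the original post: it scans an access log for plugin upload and activation requests and marks those sent by a scripted HTTP client. The function name, the user-agent list and the third sample line are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the two requests quoted in the question plus one ordinary
# browser request. The quoted lines carry no client IP or timestamp.
SAMPLE_LOG = '''\
"POST /wp-admin//update.php?action=upload-plugin HTTP/1.1" 200 31285 "-" "python-requests/1.1.0 CPython/2.7.3 Linux/2.6.32-279.el6.x86_64" "-"
"GET /wp-admin/plugins.php?action=activate&plugin=wpppm%2Fwpppm.php&_wpnonce=8a91a1c70d HTTP/1.1" 302 0 "-" "python-requests/1.1.0 CPython/2.7.3 Linux/2.6.32-279.el6.x86_64" "-"
"GET /wp-admin/plugins.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/28.0" "-"
'''

# Request line, status, size, referer, user agent (any prefix before the request is ignored).
LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
# Assumed list of non-browser clients; extend it for your own environment.
SCRIPTED_UA = re.compile(r'^(python-requests|curl|wget|libwww-perl|Go-http-client)', re.I)

def find_plugin_events(log_text):
    """Return plugin upload/activation requests found in an access log."""
    events = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.search(line)
        if not m:
            continue
        url = urlsplit(m['target'])
        path = re.sub(r'/+', '/', url.path)  # /wp-admin//update.php -> /wp-admin/update.php
        query = parse_qs(url.query)          # also decodes wpppm%2Fwpppm.php
        action = query.get('action', [''])[0]
        if path == '/wp-admin/update.php' and m['method'] == 'POST' and action == 'upload-plugin':
            kind = 'upload'
        elif path == '/wp-admin/plugins.php' and action == 'activate':
            kind = 'activate'
        else:
            continue
        events.append({'line': lineno, 'kind': kind, 'status': int(m['status']),
                       'plugin': query.get('plugin', [None])[0],
                       'scripted': bool(SCRIPTED_UA.match(m['ua']))})
    return events

if __name__ == "__main__":
    for event in find_plugin_events(SAMPLE_LOG):
        print(event)
```

The user agent is supplied by the client, so the scripted flag is only a triage hint; any upload or activation that no administrator performed deserves review.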

3 answer(s)
Oleg Burca, 2014-04-10
@Cram

Vulnerability in fake wpppm plugin.
Delete the folder or files that contain wpppm in the name.
wpmarketingbuzz.com/wordpress-malicious-plugin-wpp...

Dmitry Evgrafovich, 2014-04-11
@Tantacula

Lock access to the wp-admin folder with a password in .htpasswd. But most likely, some nonsense has already settled in one of your files (or in many files), maybe in the same update.php that is accessed by the hacking script or another one that you did not mention in the log. Download the latest WordPress distribution and if nothing has been changed in the core, compare + roll the latest version over with the replacement of files, leaving the config. Ideally, you need to manually comb through everything, because this will not remove possible trojans lying in other files. Typically, malicious code is encrypted, so it clearly stands out from the rest of the contents of the files.

itdef, 2014-04-14
@itdef

Break your passwords, you've been ripped off.
