Title: WordPress – major hack Last modified: August 19, 2016 --- # WordPress – major hack * [jami1955](https://wordpress.org/support/users/jami1955/) * (@jami1955) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/) * Before I take this offline, I want to show the wordpress community a major hack. My site has been completely taken over, and the domain redirected to a hacker’s site. Get a load of it, it will be gone soon. * [Link removed] * As soon as I hear from my server about what they figure out from the access logs about how this happened, if it indeed is a weakness in wordpress, I will post it here. * JSC, Boulder Viewing 6 replies - 1 through 6 (of 6 total) * [Clayton James](https://wordpress.org/support/users/claytonjames/) * (@claytonjames) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1754865) * > if it indeed is a weakness in wordpress, I will post it here. * If, – and I say “If”, with no reflection or consideration necessary on my part considering what I just saw on your site – you believe that you have found something in WordPress that merits the urgent attention that your tone implies, it would be completely irresponsible to post those details in an open forum. The hack I see on your site is not limited to WordPress. If you still think you might really have something related directly to WordPress, this is the correct route to take: * _“Security_ * If you think you’ve found a security problem in WordPress, please see the [Security FAQ ](http://codex.wordpress.org/Security_FAQ) for information on reporting the problem.” * [Where do I report security issues?](http://codex.wordpress.org/Security_FAQ#Where_do_I_report_security_issues.3F) * Good luck to you. * Thread Starter [jami1955](https://wordpress.org/support/users/jami1955/) * (@jami1955) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1754925) * I’ve written to security. But it is fine to say this publicly, that version 3.0 was hacked completely, after the database was restored from a backup, it worked fine again. It was indeed limited to WordPress, there is no other site out of the 15 others on that account that have any trouble. Nothing else was done. Just that domain that hosted wordpress. It was from an IP in Turkey. * Moderator [James Huff](https://wordpress.org/support/users/macmanx/) * (@macmanx) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1754929) * Did you just restore the database backup or replace the files too? * You mentioned that your domain was redirected, which is very difficult (if not impossible now) to do via the database. More than likely, it was either a `.htaccess` replacement or code injection hack, which can happen to just about any site or file on any shared server. * [ptctut](https://wordpress.org/support/users/ptctut/) * (@ptctut) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1754985) * It looks like someone modified `.htaccess` from outside and redirected. * If you have restored just the database and your sight worked normally then might be problem with script injection and it’s not the problem of wordpress alone. * [mrmist](https://wordpress.org/support/users/mrmist/) * (@mrmist) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1755002) * If your site was indeed hacked (by whatever means) I don’t think that we want people clicking through to it from here, as potentially further exploits could be hidden in its code. * So I’ve removed the direct link in your post. * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) may be of interest. * [Clayton James](https://wordpress.org/support/users/claytonjames/) * (@claytonjames) * [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1755003) * > It was indeed limited to WordPress, there is no other site out of the 15 others > on that account that have any trouble * It may have been limited to the WordPress installation on _your_ server so far, but that’s not quite what I meant. In the minute or two it took to skim a large number of other sites that were hacked with the same crap you experienced, the number of those sites using WordPress did not appear to be disproportionately high, when compared to the number of sites affected that were _not_ using WordPress. * It’s still a big pain in the neck, either way. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘WordPress – major hack’ is closed to new replies. * In: [Requests and Feedback](https://wordpress.org/support/forum/requests-and-feedback/) * 6 replies * 5 participants * Last reply from: [Clayton James](https://wordpress.org/support/users/claytonjames/) * Last activity: [15 years, 7 months ago](https://wordpress.org/support/topic/wordpress-major-hack/#post-1755003) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics