Make Sure Your WordPress is Not Hacked

Lately there seems to be a hacking spree around old versions of WordPress. Most of the time the hacker will edit your theme files to insert spam links. One of my older and non-active blogs had that problem, and several friends complained to me about it as well when chatting over IM.

I would therefore recommend that all of you run a quick check on your WordPress to make sure it has not been compromised.

How do I find if I have been hacked?

The easiest way to identify the spam links is to open your website in a browser and look at the source code. Pay particular attention to the header and footer of your HTML, and check whether there are links there that are not supposed to be (usually they are related to pharmacy, drugs, credit cards and the like).

[Image: page source spam links]

If you use Firefox you can also click on “Tools,” then “Page Info,” and then “Links.” This window will show all the outgoing links from the current web page that you are visiting.

[Image: firefox page info]

Finally, you should also examine all your theme files and your WordPress installation for any file or piece of code that looks suspicious.
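The two manual checks above (reading the page source for links in the header and footer, and listing every outgoing link as the Firefox "Page Info > Links" window does) can be automated. The script below is an added example and not code from the original article: it parses a saved copy of a page, lists every link that points off-site, and marks as suspicious any off-site link that is hidden with CSS or whose text or URL contains a pharmacy/credit-card style keyword. The keyword list, the sample page and the example hostnames are constructed for illustration.

```python
"""Scan a saved WordPress page for injected outgoing links (added example)."""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed keyword list; extend it with whatever spam you actually see.
SPAM_KEYWORDS = ("viagra", "cialis", "pharmacy", "casino", "credit card", "loan")


class LinkCollector(HTMLParser):
    """Collect <a href> links with the region they sit in and whether they are hidden."""

    def __init__(self):
        super().__init__()
        self.links = []        # dicts: href, text, region, hidden
        self._stack = []       # open tags as (tag, region_name or None, hidden_flag)
        self._current = None   # link being assembled while inside <a>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        style = a.get("style", "").replace(" ", "").lower()
        hidden = "display:none" in style or "visibility:hidden" in style
        # 2008-era themes use <div id="header">/<div id="footer">; HTML5 uses <header>/<footer>.
        region = a.get("id") if a.get("id") in ("header", "footer") else None
        if region is None and tag in ("header", "footer"):
            region = tag
        self._stack.append((tag, region, hidden))
        if tag == "a" and "href" in a:
            self._current = {
                "href": a["href"],
                "text": "",
                # nearest enclosing header/footer, else "body"
                "region": next((r for _, r, _ in reversed(self._stack) if r), "body"),
                # hidden if this tag or any ancestor is hidden via inline CSS
                "hidden": any(h for _, _, h in self._stack),
            }

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self._current["text"] = " ".join(self._current["text"].split())
            self.links.append(self._current)
            self._current = None
        # Pop back to the matching open tag (tolerates unclosed <br>, <img>, ...).
        for i in range(len(self._stack) - 1, -1, -1):
            if self._stack[i][0] == tag:
                del self._stack[i:]
                break


def scan_page(html, site_host):
    """Return (external_links, suspicious_links) for one page's HTML."""
    parser = LinkCollector()
    parser.feed(html)
    external, suspicious = [], []
    for link in parser.links:
        host = urlparse(link["href"]).netloc.lower()
        if not host or host == site_host.lower():
            continue  # relative or same-site link: not an outgoing link
        link["host"] = host
        link["reasons"] = []
        if link["hidden"]:
            link["reasons"].append("hidden via CSS")
        haystack = (link["text"] + " " + link["href"]).lower()
        hits = [w for w in SPAM_KEYWORDS if w in haystack]
        if hits:
            link["reasons"].append("spam keyword: " + ", ".join(hits))
        external.append(link)
        if link["reasons"]:
            suspicious.append(link)
    return external, suspicious


# Constructed sample: one hidden pharma link in the header, one spammy but
# visible link in the footer, plus legitimate internal and "Powered by" links.
SAMPLE_HTML = """
<html><body>
<div id="header"><h1><a href="http://example.org/">My Blog</a></h1>
  <div style="display: none"><a href="http://pills.example.net/buy">cheap viagra</a></div>
</div>
<div id="content"><a href="http://example.org/2008/04/post/">A post</a></div>
<div id="footer">Powered by <a href="http://wordpress.org/">WordPress</a>
  | <a href="http://loans.example.net/">fast payday loan</a>
</div>
</body></html>
"""

if __name__ == "__main__":
    ext, bad = scan_page(SAMPLE_HTML, "example.org")
    print(f"{len(ext)} outgoing links, {len(bad)} suspicious")
    for link in bad:
        print(f"  [{link['region']}] {link['href']} ({'; '.join(link['reasons'])})")
```

Run it against `curl -s http://yourblog/ > page.html` output by reading the file into `scan_page` in place of `SAMPLE_HTML`. An external link that is not flagged (such as the wordpress.org credit in the footer) still shows up in the outgoing-links list, so review that list too; keyword matching only catches the spam you have already told it about.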

How do I fix the problem?

Most of the blogs that get hacked run older versions of WordPress that still have several security bugs open, so your first line of defense is to stay updated with the newer versions. If you have been procrastinating on your update to WordPress 2.5, check the Automatic Upgrade plugin; it makes the process a piece of cake.

Secondly, you should also secure your WP-Admin folder by allowing access only from certain IP addresses. You can do that by creating a .htaccess file (a simple text file with that name) and dropping it inside your WP-Admin folder with the code found in the article 3 Must Apply Security Tips for WordPress.

Thirdly, you should also disable directory listing on your whole website, so that people cannot view which plugins you are using or other sensitive data. You can do this easily by adding the following line to the .htaccess file in your root directory:

Options -Indexes

Finally, if for some reason you can’t upgrade your WordPress or restrict access to the WP-Admin folder to certain IPs, you can still delete the theme-editor.php file from the WP-Admin folder. This solution is far from optimal, but it should help protect your blog from people trying to add spam links to your theme files.

Ah, and don’t forget to change your passwords regularly as well!
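The four steps above can be checked against an install directory in one go. The script below is an added example, not code from the original article: it reads the version from wp-includes/version.php and compares it with the 2.5 baseline the post mentions, looks for an IP allow-list in wp-admin/.htaccess, checks the root .htaccess for `Options -Indexes`, and reports whether wp-admin/theme-editor.php is still present (treated as acceptable only when wp-admin is already IP-locked, since the post recommends deleting it as a fallback). The Apache 2.2 `Order/Deny/Allow` directive shape it looks for and the example address 203.0.113.7 are assumptions, and the sample install trees are constructed in a temporary directory.

```python
"""Audit a WordPress install directory for the hardening steps in the post (added example)."""
import os
import re
import tempfile

MIN_VERSION = (2, 5)  # the version the post asks readers to upgrade to


def parse_version(text):
    """Extract $wp_version from version.php as a tuple of ints, or None."""
    m = re.search(r"\$wp_version\s*=\s*'([^']+)'", text)
    if not m:
        return None
    return tuple(int(p) for p in re.findall(r"\d+", m.group(1)))


def read(path):
    """Return a file's text, or '' if it does not exist."""
    try:
        with open(path, encoding="utf-8", errors="replace") as f:
            return f.read()
    except FileNotFoundError:
        return ""


def audit_wordpress(root):
    """Return a list of (check, ok, detail) tuples for the install at root."""
    findings = []
    ver = parse_version(read(os.path.join(root, "wp-includes", "version.php")))
    findings.append(("wordpress-version", ver is not None and ver >= MIN_VERSION,
                     "found %s, want >= %s" % (ver, MIN_VERSION)))

    # Assumed Apache 2.2 shape: "Deny from all" plus at least one "Allow from <ip>";
    # Apache 2.4's "Require ip <ip>" is accepted too.
    admin_ht = read(os.path.join(root, "wp-admin", ".htaccess"))
    ip_locked = (re.search(r"^\s*deny\s+from\s+all", admin_ht, re.I | re.M) is not None
                 and re.search(r"^\s*(allow\s+from|require\s+ip)\s+\S+", admin_ht,
                               re.I | re.M) is not None)
    findings.append(("wp-admin-ip-allowlist", ip_locked, "wp-admin/.htaccess"))

    root_ht = read(os.path.join(root, ".htaccess"))
    no_index = re.search(r"^\s*Options\b.*-Indexes", root_ht, re.I | re.M) is not None
    findings.append(("directory-listing-disabled", no_index, ".htaccess"))

    editor = os.path.join(root, "wp-admin", "theme-editor.php")
    editor_present = os.path.exists(editor)
    findings.append(("theme-editor-protected", ip_locked or not editor_present,
                     "present" if editor_present else "removed"))
    return findings


def make_sample_install(version="2.0.2", lock_admin=False, no_indexes=False, keep_editor=True):
    """Construct a throwaway install tree in a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="wp-audit-")
    os.makedirs(os.path.join(root, "wp-includes"))
    os.makedirs(os.path.join(root, "wp-admin"))
    with open(os.path.join(root, "wp-includes", "version.php"), "w") as f:
        f.write("<?php\n$wp_version = '%s';\n" % version)
    if lock_admin:  # 203.0.113.7 is a constructed example address
        with open(os.path.join(root, "wp-admin", ".htaccess"), "w") as f:
            f.write("Order Deny,Allow\nDeny from all\nAllow from 203.0.113.7\n")
    if no_indexes:
        with open(os.path.join(root, ".htaccess"), "w") as f:
            f.write("Options -Indexes\n")
    if keep_editor:
        open(os.path.join(root, "wp-admin", "theme-editor.php"), "w").close()
    return root


if __name__ == "__main__":
    for label, root in (("unhardened 2.0.2", make_sample_install()),
                        ("hardened 2.5", make_sample_install("2.5", True, True))):
        print(label)
        for check, ok, detail in audit_wordpress(root):
            print("  %-28s %s  (%s)" % (check, "OK " if ok else "FAIL", detail))
```

Point `audit_wordpress` at your real document root instead of a sample tree. The allow-list check only confirms the directives are there; as the comments on this post note, if your connection has a dynamic IP the address in the file may no longer be yours, and that is not something a file scan can tell you.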


33 Responses to “Make Sure Your WordPress is Not Hacked”

  1. Make Money Online on April 18th, 2008 4:54 pm

    Hey, great advice. I’ve been on alert with all the hacking that’s been going around lately, thanks for the tip.

  2. Matt Mikulla on April 18th, 2008 7:01 pm

    We got hacked and blogged about it:

    http://sitening.com/blog/2008/.....abilities/

  3. Carla on April 18th, 2008 9:27 pm

    Thanks for the Firefox link tips. I’ve never used that feature before.

    I guess you’ve removed all my excuses for not upgrading. I’ll have to check out that plugin.

  4. Anne Ahira on April 18th, 2008 9:44 pm

    Nice article! Very helpful.
    I’ve been experiencing this ‘hacking things’ so many times, and it is really annoying.

  5. Michelle on April 18th, 2008 9:56 pm

    wow, thanks for that! Luckily, I didn’t see anything, but now I know how to check :)

  6. Medical Transcriptionist on April 18th, 2008 11:32 pm

    Thank you. I was just in trouble and your post was in time to bail me out.

    I’m on Yahoo hosting with crappy service, no updates with WordPress and remaining on version 2.0.2, no access to the .htaccess file, and inviting all sorts of trouble with no other option than the last one you said.

  7. Abhijeet from Jeet Blog on April 19th, 2008 5:02 am

    Daniel, everything is fine but if you secure your WP-Admin folder by allowing access only to certain IP addresses, then you cannot blog from other computers, like from an internet cafe. That may not be a feasible option for all the bloggers because sometimes you may need to use a different computer at a different location to blog.

  8. Voice Of Dingchao on April 19th, 2008 6:22 am

    Oh, since such adventure exists, I’d better check my blog and see whether it is hacked or not, hope not.

    Thanks for sharing these tips!

  9. Siddharth on April 19th, 2008 7:25 am

    From the security tips above, the IP trick to save your WordPress is very important and secure. But the problem is that most internet users have a dynamic IP, and this process will need a static IP for the .htaccess file.

  10. homelessinomsk on April 19th, 2008 8:33 am

    thx a lot!

  11. Daniel Scocco on April 19th, 2008 8:50 am

    Yeah if you have dynamic IPs it becomes a problem.

    @Medical Transcriptionist, my blog that got hacked was also hosted on Yahoo!… lame stuff they got over there.

  12. Scott Fillmer on April 19th, 2008 9:38 am

    Good post, thanks for the security suggestions, those are great.

  13. Bengt - fortyplustwo on April 19th, 2008 12:01 pm

    Thanks for another great post. I especially like the Firefox tip, an easy way to check if my blogs are OK.

  14. Mark Avey on April 19th, 2008 1:51 pm

    We recently got hit, too. I’ve added some tips here for anyone in the same situation - http://www.psionmark.com/wordp.....ss-attack/

  15. Lance Winslow on April 19th, 2008 8:54 pm

    Well, indeed, this is by far the most helpful article that I have read on the Internet this entire week, out of about 1200 probably. So, thank you for this. I have had both blogs and forums hacked and I would like to propose death by hanging as a potential punishment for such crimes?

  16. Jeff on April 19th, 2008 10:51 pm

    Good stuff, I wasn’t aware of some of the items mentioned. I do try and keep EVERYTHING updated…religiously.

    It’s just a shame that some losers waste their time trying their best to be major jerks, when they could use their ‘talents’ towards making things better for all…themselves included.

  17. Googlelady on April 20th, 2008 11:53 am

    Something similar happened to me and I was searching about it, but it seems that only dailyblogtips has written about it, and I will send you a BIG thanks for it.
    this is what happened:
    http://www.googlelady.com/796/rss-strange/

  18. Medical Transcriptionist on April 22nd, 2008 6:23 am

    Though I rectified the hack, my Google traffic is zero now. I couldn’t find on the web an answer to repair this damage. Do you have any suggestions?

  19. Daniel Scocco on April 23rd, 2008 9:43 am

    @Medical Transcriptionist, you will need to file a reinclusion request, via the Webmaster Central.

    http://www.google.com/webmasters/

  20. Michael on April 26th, 2008 12:18 am

    This is just one great example for why you need to keep your WordPress blog up to date.

  21. Fred X on May 9th, 2008 11:53 am

    1. Does the automatic update plugin work? I did some googling and saw some mentions of things being disabled.
    2. Are all my other plugins and mod rewrites safe, or do they require re-installation? :)

  1. How to protect a WordPress blog from hacking - Блог Омского Бомжа
  2. How to make your blog a little more secure » blogpocket 7.0
  3. NotasD
  4. Todays favorite posts : Adventures In Affiliate Marketing
  5. Miscellany #35
  6. Net Miscellany - no. 23 | La Geek Attitude
  7. WordPress Wednesday News: WordCamps Everywhere, Webware 100 Again, Plugins to Fix WordPress 2.5, Change Admin Colors, and More : The Blog Herald
  8. Bloggers Digest - 4/25/08 - Get Elastic Ecommerce Blog
  9. On Blogging Australia » Blogging tips Current Feature » B is for Blogging Platform
  10. WordPress Security Prevention, Reactions, and Scares « Lorelle on WordPress
  11. April 2008 Most Popular Articles
  12. UnHacking your WordPress Weblog » A MarketPlace of Ideas
