wordpress security break - how?

  mco 16:17 28 Mar 2008

One of my domain names is set up as a wordpress site. I noticed yesterday the layout had changed - checked the files via ftp and discovered the 'header. php' file had been replaced by something including text about credit cards etc - I have put my own header file back via ftp but am really perturbed as to how this happened? There are only two authors of the site (who wouldn't have a clue how to change anything and wouldnt want to) and it is not possible for any outsider to register - only people I manually allow. How has this file been changed? I feel very vulnerable now.

  Ade_1 22:52 30 Mar 2008

I use WordPress myself and have heard of incidents where people have had file changes/hacking (not sure if that is the case here though).

It may be a really silly question but have you made sure you're using the most up to date WordPress as usually it prevents this sort of thing happening. I've known someone who got hacked regularly and it stopped when he regularly upgraded. He only ever upgraded when it was 2.x rather than 2.x.x.

Just out of interest, what version of WordPress have you got installed?


  mco 18:23 31 Mar 2008

2.1.2 - yeah; you're right - it needs a serious upgrade; just afraid of messing it up - but I'll give it a go.

  Ade_1 20:09 31 Mar 2008

I see. I too was a bit concerned of messing things up too, however, I get used to it now. The WordPress documentation can make it seem rather complicated, but as long as you back everything up you'll be fine. I usually just end up taking the folder that stores my WordPress installation and files from the web server onto my computer.

If you want any advice on upgrading or have any questions feel free to get in touch with me.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Xiaomi Mi Mix 2 review

Halloween Photoshop & Illustrator tutorials: 20 step-by-step guides to creating spook-tacular…

iPhone X news: Release date, price, new features & specs

Comment créer, modifier et réinitialiser un compte Apple ?