The MU forums have moved to WordPress.org

Hacked Div (3 posts)

  1. mzmartipants
    Member
    Posted 17 years ago #

    I was looking at my root index.php file and found this...
    ----------------------------------------------
    <?php
    /* Short and sweet */
    define('WP_USE_THEMES', true);
    require('./wp-blog-header.php');
    ?>
    <div style="overflow:auto; height: 1px;"><a href="url to porn"> horse sex</a>

    ---------------------------------------
    with many urls.... but just in a div tag...

    Any idea how this happened? Any suggestions?

  2. drmike
    Member
    Posted 17 years ago #

    I would talk to your host. It appears someone was able to access your hosting account and gain access to your files.

  3. mzmartipants
    Member
    Posted 17 years ago #

    Obviously. My guess is they did it through MU, because

    A. I've never been hacked that way before.
    B. I had some nasty comments a day after I put MU up.
    C. I don't have a high traffic site. Someone wouldn't pick it up without looking for a specific file.

    I think I may have my permissions set too liberally. I'm wondering what the strictest permissions are without breaking mu.

About this Topic

  • Started 17 years ago by mzmartipants
  • Latest reply from mzmartipants