Possible wordpress/server exploit?

October 19, 2008 | Published in: Out of the Blue | Tags: 2

In the last week a few of our blogs have been hit by some malicious JavaScript which won’t let you leave the page and will display adverts for dodgy malware scanners. Somehow the JavaScript was inserted into the index.php file in the site root. I’m not 100% sure how it was exploited, but in case you come across it: the code is inserted below the html tag in the index.php file, so delete that code. I also recommend changing the file permissions to 444 (read only) just in case.


2 Responses to “Possible wordpress/server exploit?”


  • 1 - Aaron says:

    I had a similar problem last month, even though I had the latest WordPress version installed. If you’d view the pages’ source, you’d see lines and lines of js, and all google ads would be replaced with po*n & spyware banners.

    Comment made on October 19, 2008 at 8:03 pm

  • 2 - Anthony Brewitt says:

    I have the same problem on sites running a few different versions of WP. Changing file permissions seems to do the trick. Take note: it affects all index.php’s; root index.php, wp-admin/index.php and wp-content/index.php – make all read only!

    Comment made on October 20, 2008 at 12:53 pm
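
Added example (not code from the post or its commenters): a shell check that compares the three index.php files named above with a clean copy of the same WordPress release, lists any that still have a write bit set, and can apply mode 444. The function names, the clean-copy directory and the sample tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumption: CLEAN is an untouched copy of the same WordPress release as SITE.
INDEX_FILES="index.php wp-admin/index.php wp-content/index.php"
# Print each listed file under SITE ($1) that is missing or differs from
# CLEAN ($2). Returns 0 when every file matches, 1 otherwise.
audit_index() {
    rc=0
    for f in $INDEX_FILES; do
        [ -f "$2/$f" ] || continue      # not present in the clean copy
        if [ ! -f "$1/$f" ]; then
            echo "MISSING $f"; rc=1
        elif ! cmp -s "$1/$f" "$2/$f"; then
            echo "MODIFIED $f"; rc=1
        fi
    done
    return "$rc"
}

# Print each listed file under SITE ($1) that still has any write bit set.
writable_index() {
    for f in $INDEX_FILES; do
        [ -f "$1/$f" ] || continue
        find "$1/$f" \( -perm -200 -o -perm -020 -o -perm -002 \) -print
    done
}

# Set mode 444 (read only) on each listed file that exists under SITE ($1).
lock_index() {
    for f in $INDEX_FILES; do
        [ ! -f "$1/$f" ] || chmod 444 "$1/$f"
    done
}

# Constructed sample: identical trees, plus one line appended to site/index.php.
make_sample() {
    d=$(mktemp -d)
    for t in clean site; do
        mkdir -p "$d/$t/wp-admin" "$d/$t/wp-content"
        for f in $INDEX_FILES; do echo "<?php // stock $f" > "$d/$t/$f"; done
    done
    echo "<script>/* placeholder */</script>" >> "$d/site/index.php"
    echo "$d"
}

if [ "$#" -eq 2 ]; then SITE=$1; CLEAN=$2
else SAMPLE=$(make_sample); SITE=$SAMPLE/site; CLEAN=$SAMPLE/clean; fi
audit_index "$SITE" "$CLEAN" || echo "review the files listed above"
writable_index "$SITE"
[ -z "${SAMPLE:-}" ] || rm -rf "$SAMPLE"
```

Called with a site directory and a clean-copy directory as its two arguments, it audits those instead of the sample. Run `lock_index` on the site directory once the files reported as MODIFIED have been cleaned.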
