If you haven’t upgraded to Wordpress 2.7 yet then I suggest you do it sooner rather than later. There’s an exploit in earlier versions of Wordpress that are compromising installations & turning them into mass zombie DDOS machines.
Via ftp go to the folder /wp-content/themes/ if there’s a file there named “remv.php” then you’re one of the unlucky ones.
It’s an application called PHPremoteView, it basically allows anyone to run any php commands on your server. This could result in a wide variety of damage (lost files, password, having your adsense code changed, affiliate url’s changed etc etc).
Currently most of the compromised installs are being used for DDOS attacks. So if you notice also an unusually high load on your server this could be the cause.
Delete the remv.php file first.Look to see which files in the Wordpress folder have been altered lately, it’s possible that your theme headers or footer could have unsuspecting spam links to pharma affiliate sites.Export all your Wordpress posts via XML then reinstall Wordpress 2.7 & import your posts.If you’re hosting multiple sites on your server you’ll want to check for all the files that have been modified within the time range since remv.php was created.Change all your passwords, user, root, wordpress, mysql databases….everything.Upgrade all your plugins to the latest versions (some might not work in 2.7 also).
Ingen kommentarer:
Send en kommentar