Comment on WordPress Hacks by SEO Dave.

Sorry to hear your WordPress site was hacked. Did you figure out how it was hacked? There are nearly always additional back doors left by the hackers so they can hack the site again after you fix the changes. For example, they’ll modify your themes and plugins so they have additional hacking points into your site if you don’t clean it fully.

With WordPress, many hacks tend not to be caused by malicious code per se (so not deliberate viruses or Trojans), but by security exploits that give hackers access to a server so they can make changes and from those changes access your site’s files and database.

See http://codex.wordpress.org/FAQ_My_site_was_hacked for pointers on how to fix a hacked WordPress site.

There are definitely no virus infections or Trojans within the Stallion Responsive zip files. It’s also highly unlikely to be the Stallion Responsive theme at fault for a WordPress security exploit. I spend a lot of time checking through the code I add to Stallion for potential security exploits (remember I run Stallion on over 100 domains, so I don’t want my sites hacked because I was lazy), but hackers are innovative and what’s not a potential security threat today could be one in the future. So there are no guarantees with either a theme, plugin or the latest version of WordPress. Then there’s your own PC and your server/hosting.

If you keep track of WordPress updates you’ll notice there are regular security updates (hackers are finding new exploits all the time), so it’s important to update regularly. If WordPress is out of date it’s more likely to include a security exploit hackers will use to hack your site.

Delete all (and I do mean ALL) WordPress themes and plugins you are not using. A WordPress plugin or theme does NOT have to be active to give hackers access to a theme’s or plugin’s code. If you have a 3 year old plugin or theme you aren’t using that contains vulnerable code, it’s a big risk. There are a lot of old themes and plugins with exploits, and if you regularly test themes and plugins and leave them on your server they are a potential future entry point for hackers.

The WordPress security rule is: if you aren’t using a theme or plugin, delete it.

BTW don’t assume the cause is WordPress; it could be your host that’s got an exploit, or a hacker has gained your WordPress password from your computer. I had a server hacked (about 6 years ago I think) and couldn’t find anything wrong with the server. I did find an out of date Windows Internet Explorer Adobe plugin (I don’t use Internet Explorer often, so didn’t update often enough), and the way I used FileZilla might have (still not sure) given a hacker access to my PC and my list of FileZilla FTP passwords! FileZilla doesn’t encrypt saved passwords (dumb security failing on their part) and the Adobe plugin gave limited access to my PC.

So nothing wrong with my server, WordPress etc… I think the hacker gained access to my FileZilla FTP passwords file (an unencrypted XML file) from my own PC, popped the FileZilla file into their version of FileZilla and had all my sites’ login details!!!

David
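
The "if you aren't using it, delete it" rule above can be checked mechanically. This is an added example, not part of the comment or of any theme's code: it compares what is on disk under `wp-content` with the `active_plugins`, `stylesheet` and `template` values from the `wp_options` table. It assumes a single-site install and that you have copied those three values out of the database yourself; the function names and the sample directory names are made up for illustration.

```python
import re
import tempfile
from pathlib import Path

# Each string element of a PHP-serialized array looks like s:<len>:"<value>";
_PHP_STR = re.compile(r's:\d+:"([^"]*)";')

def active_plugin_slugs(serialized):
    """Folder (or single-file) name of every entry in the active_plugins option."""
    return {entry.split("/")[0] for entry in _PHP_STR.findall(serialized)}

def unused_items(wp_content, active_plugins, stylesheet, template):
    """List plugins and themes that exist on disk but are not in use.

    stylesheet is the active theme's folder, template its parent's folder
    (the two are equal when no child theme is used). Not covered here:
    multisite network-activated plugins and wp-content/mu-plugins.
    """
    wp_content = Path(wp_content)
    used_plugins = active_plugin_slugs(active_plugins)
    used_themes = {stylesheet, template}
    plugins = sorted(
        p.name for p in (wp_content / "plugins").iterdir()
        if p.name != "index.php" and p.name not in used_plugins
    )
    themes = sorted(
        t.name for t in (wp_content / "themes").iterdir()
        if t.is_dir() and t.name not in used_themes
    )
    return {"plugins": plugins, "themes": themes}

def demo():
    """Run the check against a constructed wp-content tree (sample data)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for d in ("plugins/akismet", "plugins/old-gallery",
                  "themes/active-theme", "themes/old-theme"):
            (root / d).mkdir(parents=True)
        (root / "plugins/hello.php").write_text("<?php // single-file plugin")
        (root / "plugins/index.php").write_text("<?php // placeholder file")
        # Constructed option value: only Akismet is active.
        option = 'a:1:{i:0;s:19:"akismet/akismet.php";}'
        return unused_items(root, option, "active-theme", "active-theme")

if __name__ == "__main__":
    print(demo())
```

Anything the function returns is still reachable by URL on the server even though WordPress never loads it, which is why the comment's advice is deletion rather than deactivation.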