My Classipress site was HACKED!
I have been experiencing hacker attacks since June. At first the attacks weren't through my Wordpress installations. I was running another classified ad program (one I'd had written for me using php scripts) and hackers used it to enter my domain and cause problems. I've been struggling since then to be sure that my site is secure.
I deleted that other classified ad program and bought Classipress, hoping it would solve my problems.
But yesterday and today all my efforts failed and my Classipress took two hacker attacks.
I was on the ball and caught both quickly but my domain hosting company also caught the problem and "shut me down" until they were sure I had the problem solved (as much as possible.) I'm back up running now.
My domain hosting company has given me some advice:
Rule one: I was told to be sure that I am running the latest version of the Wordpress. (But that didn't help. I was and am currently running the lastest version of Wordpress 3.0.1, my Classipress is Product Version 3.0.4 and all my plugins and widgets are current. I understand Classipress is about to release a new version. Yeah!!)
Rule two: I was asked to change passwords. (My passwords follow all the secure password rules, and I change them often!)
I came up with another rule. No one suggested it but I think it may help.
Rule three: I am very conscious of upload permissions. (I felt secure because my only Classipress posters MUST be approved by me.) But now I no longer let any comments be posted to my Classipress installation. I can't say that will help, but I saw that one hacker attempt was made to post a comment so I've now shut off that feature (including removing that part of the script).
If anyone has any other suggestions, I'd gladly consider them. In the meanwhile, I'm using my ftp program and constantly watching for weird php files.
My site is very popular (about 3.5 million hits annually) and I have NO other scripts running except for three Wordpress installs to different domains which I host on the one site.