Hacked site?
I recently had a website that was running a clean 2.9.1 install with only classipress theme (modified by me) hacked. They compromised the entire server down to the root level. The site had been "public" for only a fe days. I had user registrations turned on but was experimenting with some other plugins to hide the
wp-admin dashboard and to redirect the login/logout urls. Plus I had recently installed a plugin that lets you set user registration to be "authenticated" (by having the server send an email with a link the user had to click on). I installed that plugin to help combat some registration spam I had seen over the course of the last few days. I deleted about a half dozen user accounts today prior to the hack but I'm not sure if the hack had already been made and was set to run at a specified time. At any rate, I am posting on all boards in order to hopefully track down the issue. I am afraid to even run my site again for fear of it happening again. Any ideas or suggestions would be great.
Reply With Quote
You must be an AppThemes customer and logged in to view this response.