If you’re confused about the title, then let me tell you that many sites on WordPress self-hosted platform have affected sites and they go blank.
Click Here to See The Infected Site
This site was used to look like this in the past:
This site is owned by one of my friends, who has suffered loss of visitors and ranking on Google search index due to this problem. Even every site of mine has gone through this problem, as they were on the same host. But I managed to recover it.
I am not sure if it is a virus or not, but its symptoms and working indicates that it is like some injection attack. Please note that I am not declaring it as virus, as I haven’t found any literature on this problem yet. (Also this has infected only very few sites on the Internet which is negligible as compared to millions of websites out there, so chances are that this problem is still unnoticed).
Well, what exactly is this?
This actually penetrates in your WordPress files (PHP files) and inserts a piece of code in it. It causes your ‘index.php’ to crash, and your homepage as well as post pages go blank (as you can see in above example).
What can I do if my site is already infected?
If you’ve encountered similar problems, then simply delete your all WordPress file on host and upload freshly downloaded WordPress and plug ins from WordPress site. You can keep the list of which plug ins and themes you are using so that you can upload them again.
REMEMBER:
DO NOT DELETE YOUR MYSQL DATABASE. (It contains all your posts, settings and comments, and it is not infected at all. So please don’t make this stupid mistake)
What are the preventive measures I can take?
- You can keep your WordPress upgraded with the very latest version.
- Keep your MySQL databases locked with a very strong password (More that 8 digits in length, containing alphanumeric characters with symbol)
- Take backups of MySQL databases daily. (You can use software for that)
- If you’re a professional webmaster then you can check your event logs to detect any activities.
- You should also keep backups of all plug ins and themes downloaded by you.
That’s it from my side folks! I’ll keep you informed with such tips for your wordpress blog and also give updated news about this problem.
Please let me know if you have similar problems, so that I can suggest you the possible remedies for it.
(Source: The article has been written based on my own experience of the problem)
[Editor’s Note: This post is submitted by our guest blogger Amol Wagh. Amol likes to give out tips to aspiring ethical hackers around the world. He is interested in SEO, animation and blogging and writes columns on ethical hacking and blogging for Times of India (Nashik Times). He authors the following blogs – seobloggingtips, hackersenigma and digitalconqurer.
If you, too would like to write for Devils Workshop, please check this. Details about our revenue sharing programs are here.]
4 Comments
Hi Amol,
You are right. One of my friend also have the same problem while upgrading word press 2.7 to 2.8. Later he got his site back, once he deleted the incompatible plugins. I have to give your post to him to read. So that he will make sure that his site has no scripts which causes blank screen.
Thanks
Sankar
thankuu amol for the useful info…
thanks for your tips. Keep blogging.
Is this due to any sort of plugin or theme? As all the php files get infected I think! The example you gave is even showing the wp-admin as blank!