Wordpress hacked: added site.xml and /good directory -


i'm working on wordpress website which's been hacked. @ first saw site.xml file , /good directory placed nthe root directory of website.

site.xml contains these header strings:

<urlset xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"      xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"     xsi:schemalocation="http://www.sitemaps.org/schemas/sitemap/0.9              http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd"><url>   <loc>http://www.casadellavita.com/good/ray-ban-outlet-nj.html</loc> <lastmod>2015-06-01t08:10:43+02:00</lastmod> <changefreq>monthly</changefreq> <priority>1.0</priority> </url>

and huge list of these elements like:

<url> <loc>http://www.thehackedwebsite.com/good/ray-ban-3404-sale.html</loc> <lastmod>2015-06-01t08:10:43+02:00</lastmod> <changefreq>monthly</changefreq> <priority>1.0</priority> </url>

in /good directory found huge list of files "buy-ray-ban-58014.php" containing lot of advertising text.

what's that? remove site.xml , /good irectory how can fix hack?

at first step can use website vulnerability scanners acunetix can scan every website software , advise how fix bugs.

but there option wordpress websites: can "wpscan" tool in linux base system advanced wordpress scan. wpscan.org/


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get...
Read more

php - Bypass Geo Redirect for specific directories -

i'm trying bypass redirect specific url within site. wondering if might able help. the code below code use, original urls replaces example.com i'd able access http://example.com/admin without redirect occuring. is there way this, , there way using own ip? function country_geo_redirect() { $country = getenv('http_geoip_country_code'); if ($country == "us" ) { wp_redirect("http://usa.example.com/"); exit; } else if ($country == "gb" ) { wp_redirect("http://uk.example.com/"); exit; } } add_action('init', 'country_geo_redirect'); you can bypass redirection code if server found ip address. if ip address == <my ip address> ' nothing here else country_georedirect() end if
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more