How To Fix: H4ck3d by R3d Dr4GoN

How To Fix: H4ck3d by R3d Dr4GoN

This happened to me on both of my WordPress blogs, this one, and Pacific Northwest Photoblog. This could happen to any site though, not just WordPress sites.

How To Fix: H4ck3d by R3d Dr4GoN

First off, do not panic.

Either way clearing this up is pretty easy. In both cases there was a 301 Redirect in my .htaccess file on the very first line. I removed this and was able to get to sub pages. The main page continued to be a problem though. Looking closer I found that I had an index.php and index.html page. Since WordPress renders completely in PHP, the presence of Index.html was a bit strange. Taking a look at it I found:

HTML>

H4ck3d By R3d Dr4GoN






This Site Is

Very clearly this is incorrect. So I renamed Index.html to Index.hack, refreshed my main and everything was back to normal! After this be sure to change the password to your terminal/ftp user, create new SSH keys or create new ones if you don’t have any, and just to be safe, change your WordPress blog admin password.

While the actual hack was pretty amateurish, and was likely done by a script that exploited known security issues, it shows just how important proper security is in this day and age. And more importantly, it shows that no matter what you know, and how much you prepare – you will get hacked someday.