This blog was hacked by some soul(s) yesterday night! (around 3.30 AM IST), while i was in deep sleep. The blog home page was defaced. But the contents were kind of intact.

Was able to restore most of the things in less than 10 mins. But only after i was woken up in the morning at around 7.30 AM!

Ok. Now coming to how it happened…

One thing for sure… it was my mistake. I had given some stupid permissions on some folders on my site for some test purpose. I had forgot to remove those permissions. I am still not sure if its a security issue with WordPress. Have posted on WP forums about the problem.

Atleast 2 IPs were involved in the hack. They managed to create new wp users, gain admin access to WordPress, and then enabled file uploads in WordPress. Once that was done, they uploaded files (php based file managers, database access etc etc), which would enable them look on to the filesystem, database, and do more stuff.

They played around a bit, but luckily, they didn’t cause any damage. I am almost done with the cleanup now.

Will post more if something new turns up!

Update : 1 Mostly looks like its got to do with the security issue in WP which was patched in v1.5.1.2. So, upgrade your WP setup if you havent done it so far ASAP!!.

Update : 2 I have installed some new set of plugins to increase security. Contact me if you are facing any problem acessing the site.

Update : 3 Found exactly how they broke in…. If you are intrested, let me know. Will share the details. The hack won’t work in


  1. Arjun (Post author)

    Rj: resent the mail to your new(proper) id.

  2. Friend Indeed

    ->To Eliminate Pakistan from the world map
    ->To see India in a position better than other advanced countries like US

    Looking at the above on your website, no wonder it was hacked! In fact i’d say you were pretty lucky man…

  3. Arjun (Post author)

    @Friend Indeed : ……well, may be i was/am lucky.

    But I did a log analysis of hack. The hacker(s) ended up on this site by doing a google search for “WordPress”, and one of my post turned up in the top 10 results.

  4. Abhinav

    Your hacker was more polit thaen the guy who hacked my a month back. That was just the day after the update was released.

  5. Arjun (Post author)

    Ahinav, This guy did not do much damage, but even to date, ie, almost 2 months now, he/she keeps visiting the site.

    Actually, these people had uploaded some php pages, which would allow them to access my site later on. (like a backdoor). I have removed it, but this guys keeps coming back every couple of days.

    btw, fyi, this guy’s IP points to Pacific University.

  6. Prashanth Chandra M

    Hi Mr. Prabhu,
    I am prashanth from Hyderabad – a native of mangalore. Nice to visit your blog and interesting to see your articles. well, can you give me some details on this post, as well as other such details.

    Nice to know another mangalorean on the net. All the best.
    _Prashanth CM

  7. Arjun (Post author)

    Prashanth : can you let me know what details you are exactly looking for ?

  8. Pingback: Upgraded WordPress » Arjun's Home

Comments are closed.