昨天一更新就覺得不對,網頁回應很慢,但是後台沒問題,檢查一下網路活動發現問題在這裡:
http://itsallbreaksoft.net/tds/in.cgi?3&seoref=http%3A%2F%2Fwww.tide.com.tw%2Fwp-admin%2Fthemes.php¶meter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F%2Fwww.tide.com.tw%2F&default_keyword=notdefine
網頁被redirect到itsallbreaksoft.net,這就是萬惡之源,上網查了一下不得了:
There is a brand new Wordpress hack attack making the rounds, that redirects all traffic to your site through itsallbreaksoft.net and paymoneysystem.info, and then on to any number of junk sites full of ads. The intermediate redirect to paymoneysystem.info actually goes through the URL paymoneysystem.info/in.cgi?michaeleknowlton, suggesting that someone using the name Michael Knowlton is going to be benefiting from any monies earned by the advertising. Here’s how it was done, and how to fix it. Fortunately, the immediate fix is very easy.
Here is how it was done – the bad guys either injected the below code into the header.php file (this is found in your /wp-content/themes/{your theme name here}/ directory) – or they simply sucked down your header file, modified it on their end to include the below code, and then overwrote your header.php file with the newly modified one…….
不過不只是這樣,我發現我多了一個有admin權限的管理員,在wp-content/uploads 裡面也找到一個xxxxxx.php(x=數字)的惡意檔案,把包括header.php裡的js代碼通通刪除後,現在看起來是回復正常了。
長這麼大第一次被hack啊~(當然windows中毒不算)
安裝Wptouch plugin. 目前只支援iphone & android
莫拉克颱風 88水災 物資捐贈災情更新相關網站:
http://typhoon.adct.org.tw/donation/
http://typhoon.oooo.tw/?&searchcode=&page=1
愛心捐款
http://udn.com/NEWS/NATIONAL/NAT2/5069114.shtml
長達14頁1377筆(到8月11日16:00)求救的呼喊,每一段文字都可能是一個悲慘的故事,兩個小時的晚間新聞已經令人度日如年,而他們已經在十倍於此的著急裡過了三天!
捐錢,捐血,捐物資都好,就算只是祈禱也好,大家一起幫忙吧~
天佑台灣,天佑吾民
最近的評論