Wordpress issues

[patrick24601]

I am looking in my cpanel weblogs and I see that I am getting some traffic to some pages in my WP blog like:

/wp-content/1/free-online-7-card-stud.html

So I go poke around in that wp-content/1/ folder and sure enough there are HTML pages in there that I did not put in there.

How in the world did those get there? That folder has RWXR-XR-X permissions on it.

 

[RuDeDoGg]

I've never used wordpress, but I'm guessing it's a "permanent link" page or something

or maybe your RSS feed outputs that way?

 

[Brandon]

Was this a fresh install of Wordpress? Did you dl it from Wordpress.org?

 

[alexb]

I know exactly what the problem is. You 777'd your folders, didn't you?

I've had it happen before. Your server probably just got hit with a worm. Change your folder permissions to 755.

EDIT: I just re-read your post and you listed the permissions. Doh. Well, have you ever had that folder set to 777?

 

[yast]

New Wordpress 2.3.3 Exploit/Vulnerability - Adds Spam Directory /wp-content/1/ | Smackdown!