Archived

This topic is now archived and is closed to further replies.

  • 0

Resolved Site Hacked


Question

7 answers to this question

Posted · Report post

The hacked code seems to appear in the file 'header.php, butreplacing this file with a fresh version hasn't helped - am going to try reuploading the whole theme...

Are there any holes in the theme? I don't understand how they were able to hack my site..... :(

Share this post


Link to post
Share on other sites

Posted · Report post

The did NOT hack PageLines Framework.

Either WordPress was hacked, or an outdated/bad plugin.

You need to read the instructions on that page.

This is how I would go about it:

  1. Ask you host if there is a backup before the attack happened, if so roll back the database to before that date.
  2. make a copy of wp-config.php
  3. Delete ALL files in the blogs DIR.
  4. Download a fresh copy of WordPress, and a fresh copy if the framework.
  5. Unzip them and upload them.
  6. Restore the wp-config.php
  7. Visit wp-admin/plugins ( wp will complain that plugins are missing, which they are you deleted them )
  8. Now change your admin password, and check for any new admin users.
  9. go to your host panel and change the database passwords
  10. update the new db passwords in wp-config.php
1 person likes this

Share this post


Link to post
Share on other sites

Posted · Report post

THank you Simon - will try what you suggest.... very stressful!!!

Thanks again - will post how it goes....

One question - what about all the images for the posts I have uploaded - will I need to reupload those as well?

Share this post


Link to post
Share on other sites

Posted · Report post

well, you could keep the uploads dir, but there could be bad files in there too, its up to you at the end of the day.

Share this post


Link to post
Share on other sites

Posted · Report post

Thank you so much for your advice Simon. My site is now fixed with the help of the hosting company to roll back to a backup. Still not sure how they access my site, but am following your advice! Thanks again!

Share this post


Link to post
Share on other sites

Posted · Report post

The topic was marked as resolved.

Share this post


Link to post
Share on other sites