Jump to content


Photo
- - - - -
Resolved

Site Hacked

wordpress hacked

This topic has been archived. This means that you cannot reply to this topic.
7 replies to this topic

#1 jfitch

jfitch

    Advanced Member

  • Members
  • 40 posts

Posted 17 November 2012 - 01:24 PM

My pagelines 2.3.5 site has been hacked - any advice?

Please Login or Register to see this Hidden Content



#2 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts

Posted 17 November 2012 - 01:37 PM

Please Login or Register to see this Hidden Content



WordPress have some hack FAQ's

#3 jfitch

jfitch

    Advanced Member

  • Members
  • 40 posts

Posted 17 November 2012 - 01:49 PM

The hacked code seems to appear in the file 'header.php, butreplacing this file with a fresh version hasn't helped - am going to try reuploading the whole theme...

Are there any holes in the theme? I don't understand how they were able to hack my site..... :(

#4 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts

Posted 17 November 2012 - 02:00 PM

The did NOT hack PageLines Framework.

Either WordPress was hacked, or an outdated/bad plugin.

You need to read the instructions on that page.

This is how I would go about it:
  • Ask you host if there is a backup before the attack happened, if so roll back the database to before that date.
  • make a copy of wp-config.php
  • Delete ALL files in the blogs DIR.
  • Download a fresh copy of WordPress, and a fresh copy if the framework.
  • Unzip them and upload them.
  • Restore the wp-config.php
  • Visit wp-admin/plugins ( wp will complain that plugins are missing, which they are you deleted them )
  • Now change your admin password, and check for any new admin users.
  • go to your host panel and change the database passwords
  • update the new db passwords in wp-config.php


#5 jfitch

jfitch

    Advanced Member

  • Members
  • 40 posts

Posted 17 November 2012 - 02:04 PM

THank you Simon - will try what you suggest.... very stressful!!!

Thanks again - will post how it goes....
One question - what about all the images for the posts I have uploaded - will I need to reupload those as well?

#6 Simon_P

Simon_P

    Messer

  • Administrators



  • 8388607 posts

Posted 17 November 2012 - 02:08 PM

well, you could keep the uploads dir, but there could be bad files in there too, its up to you at the end of the day.

#7 jfitch

jfitch

    Advanced Member

  • Members
  • 40 posts

Posted 20 November 2012 - 12:53 PM

Thank you so much for your advice Simon. My site is now fixed with the help of the hosting company to roll back to a backup. Still not sure how they access my site, but am following your advice! Thanks again!

#8 catrina

catrina

    Advocate

  • Members
  • 12345 posts

Posted 20 November 2012 - 04:02 PM

The topic was marked as resolved.