Hacked: Need to Rebuild Everything
-
My blog was compromised a few months ago. Somehow a php script got in that allowed a malicious user to upload files and store them in my blog folder. I thought I had cleared out the problem, but I found an even fancier interface allowing anyone who knows the password to upload files, execute sql, or system commands [though I think my host has disabled that]. Clearly I didn’t do such a great job with my first cleaning attempt, the webhost is compromised, or my wordpress has a big hole in it.
With the release of 2.6 I’d like to start from scratch again, keeping only my posts/comments and related uploads and the same linking structure. Should I just blow away everything in my blog folder and start fresh with a 2.6 install, putting my db settings in wp-config? Do I need to do anything special to ensure my uploads and linking structure remains working?
Also, if anyone is interested in the scripts that were used to hack me, I’d be glad to send them along.
- The topic ‘Hacked: Need to Rebuild Everything’ is closed to new replies.