What do I do??? It appears someone has hacked and stolen? compromised? my site... they have been draining my resources and now I can't even log into it!!!
HELP!
Hosted on DreamHost - newest upgrade of WordPress installed...
michael
Do you still have cPanel access to your domain? How about access to the phpMyAdmin?
If you do have access to the phpMyAdmin follow the directions here:
http://codex.wordpress.org/Resetting_Your_Password (scroll down to "Through phpMyAdmin"). If you are unfamiliar with phpMyAdmin consider getting a developer friend or hiring someone to do it. It's pretty straightforward actually.
Feel free to contact me through my site if you need: http://www.johnkolbert.com/contact
You need to do a little more than change a password.
Here's the standard reply:
fix advice:
http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/
http://wordpress.org/search/hacked?forums=1
Make sure that your files on the server are clean. If that means deleting and reuploading, then you ought to do that. Files that you don't replace should be looked at closely.
Check for files that don't belong, directories that don't belong. Image files with changed timestamps -- look at those. It's VERY common for there to be scripts on sites that are named in such a way to mask the fact that they're scripts.
Be suspicious when you're looking at things.
Look at your permissions. Do you have world writable files? Any world-writable directories? Are they necessary?
You need to check your database. Look for rogue plugins being loaded, look for rogue users (specifically look for a user named wordpress). You will NOT see rogue plugins or rogue users in your wp-admin/ area. You need to check your database.
Make sure ALL of your plugins are current.
Make sure your WordPress is current.
Change your MySQL password that WordPress uses (update your wp-config.php with that new password). Especially important in cases where you see changes to your MySQL database.
Change any admin level passwords on your blog.
Look at any other software that's being used on your site. Is it current?
That's just an outline and not a complete list.
There's quite a bit to do, but it's all necessary.
If you can't do it all -- by all means don't hesitate to enlist the help of someone who can. Quite a few of us do work on the side.
Then there's this:
http://codex.wordpress.org/Hardening_WordPress
At the very bottom of that page, my own plugin is mentioned. I recommend setting it up, and leaving it up, for a week after the site has been secured, and keeping a close eye on the resultant logfile.
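The file-level checks from the reply above (world-writable files and directories, image files with changed timestamps, scripts named so they look like images), sketched as an added example that is not part of the original thread. It is a read-only Python walk over the site directory; the 7-day window, the 5 MB read cap and the finding labels are assumptions chosen here.

```python
import os
import stat
import time

# Leading bytes that genuine files of each type start with.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_READ = 5 * 1024 * 1024  # cap on bytes read per file (assumed limit)

def check_image(path, ext):
    """Return the findings for one image-named file."""
    with open(path, "rb") as fh:
        data = fh.read(MAX_READ)
    found = []
    if not data.startswith(MAGIC[ext]):
        found.append("not-an-image")   # extension and content disagree
    if b"<?php" in data.lower():       # PHP tag anywhere, even after a valid header
        found.append("php-in-image")
    return found

def audit_tree(root, recent_days=7, now=None):
    """Walk root; return a sorted list of (finding, relative_path)."""
    cutoff = (time.time() if now is None else now) - recent_days * 86400
    results = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or cannot be examined
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits say nothing useful
            rel = os.path.relpath(path, root)
            if st.st_mode & stat.S_IWOTH:
                results.append(("world-writable", rel))
            ext = os.path.splitext(name)[1].lower()
            if stat.S_ISREG(st.st_mode) and ext in MAGIC:
                if st.st_mtime >= cutoff:
                    results.append(("recent-image", rel))
                try:
                    results += [(f, rel) for f in check_image(path, ext)]
                except OSError:
                    results.append(("unreadable", rel))
    return sorted(results)
```

Call `audit_tree("/path/to/site")` on the account over SSH or on a downloaded copy; each finding is a file to open and inspect by hand, and a clean result does not replace the database checks listed in the reply.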
When I go to sign in on my WordPress ADMIN page, there is a redirect now, up in the URL box...
How can I contact you WHOOAMI?
Can I hire you to help me?
773-275-7566
Michael
Please consider posting a "New Job Request" [1] to have a professional work with you, or consider joining and soliciting professional assistance from the wp-pro mailing list [2].
Per "forum guidelines", Section F, closing this. Anyone interested is welcome to use your provided contact information.
[1] http://jobs.wordpress.net/postajob.php or http://www.elance.com/php/search/main/eolsearch.php?matchType=profile#page=1&matchKeywords=wordpress&catFilter=100
This topic has been closed to new replies.