Rockwell_77
Member
Posted 1 year ago #
Was using the latest version of WordPress.
My site has just been hacked - not too sure why, but I have my suspicions after reading the hackers title.
http://notallthosewhowanderarelost.ca
The main page has been hacked, along with my WordPress login. Links to pages other than the main page to my site seem to stil be in tact:
http://notallthosewhowanderarelost.ca/the-route
http://notallthosewhowanderarelost.ca/about-us
http://notallthosewhowanderarelost.ca/the-bike
etc...
most of the database, other than the WordPress login and password seem to be in tact.
How can I regain access to my WordPress Admin?
Do you have a recent database backup?
Rockwell_77
Member
Posted 1 year ago #
I don't have a recent database backup.
It looks like things are going to be OK. I checked my access log and found an IP that traced to Afghanistan. I sent an email to the hotmail address on the hacked page, and, as it turns out, it sounds like a young kid who was the victim of western terrorism in Afghanistan. On my route page, I made reference to the "so-called war on terror". I explained the meaning of "so-called", and he gave me my login details back. I just need to figure out ho to remove the index page and replace it with mine. Uploading my index.php file for my current theme doesn't seem to work.
Good. Now that you can get back in...
1) Change your passowrds. NOW. All of 'em. From WordPress login to your server password and database password. The kid got in, anyone could. Be SMART and CYA.
2) Read http://codex.wordpress.org/FAQ_My_site_was_hacked again. It has some advice to help you make sure this doesn't happen again.
3) Read http://codex.wordpress.org/Hardening_WordPress too
4) Tell your HOST now. They need to know in case there are backdoors on your system.
5) Install http://wordpress.org/extend/plugins/wp-security-scan/ and check.
6) Start making backups regularly. Lesson learned.
