Forums

WordPress › Support » How-To and Troubleshooting

[resolved] Could my backup file have malicious code? (4 posts)

  1. geezerd
    Member
    Posted 2 years ago #

    I got hacked with some kind of malware that put a long script at the end of all javascript files on my site, and redirected to some site in porta rico.

    I first tried to just re-install WordPress and my theme, which worked for a day, but then it all came back again the next day.

    During that day I did save a backup, using the Tools > Export from the Dashboard.

    I decided to just delete everything, have my host do a scrub, and re-install when they give me the go ahead.

    I will not use the same theme, just in case, but I would like to use the backup, but how do I know there's not something in it? Could it hold any bad stuff? I searched it for the phrase <script> and it didn't have that anywhere, at least.

    Any way to check the .xml file, or should it be fine?

    Thanks

  2. Jonas Grumby
    Member
    Posted 2 years ago #

    Backing up your site after it has been hacked is like closing the proverbial barn door after the horse has gotten out. You should be using a plugin like WP DBManager that will make scheduled backups of your site on a regular basis. You also should be running a firewall and you should be using a plugin like WP security scan to check your site for security loopholes like missing .htaccess files and incorrect permissions on the server. Re-uploading your theme or your WordPress files won't stop hackers from doing the same thing again.

    There are lots of posts on this forum already about how to clean up a hacked site. Just search for the word hacked.

  3. geezerd
    Member
    Posted 2 years ago #

    Yah, thanks for stating the obvious, douchebag. Like I haven't searched for the word "hacked" you pompous clown. Go crawl back into your hole.

  4. Jonas Grumby
    Member
    Posted 2 years ago #

    I don't think that was called for. I am not a mind reader. I will never make any attempt to help you again and I would imagine that anyone else who reads your comment will feel the same. Call me all the names you want but I am not the one who let my site get hacked and doesn't know how to fix it.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.