WordPress.org

Ready to get started?Download WordPress

Forums

Hello and My Website Was Hacked! (6 posts)

  1. Mehdi
    Member
    Posted 1 year ago #

    Hello
    My website was hacked by some strangers two days ago. I informed the Customer Service and they restored the website from dailybackup and they were able to restore Public_html. Then they advised me to protect " wp-admin" by usernames and passwords, And I did it. However I've got some problems with. You can read it here:
    http://wordpress.org/support/topic/wp-admin-password-protected-directory?replies=10

    The main problem is that: I still can see some effects of that hack and have no idea how to deal with.
    I left one of my post blank and I previewed it, then I saw this:
    hacked by Haxorsistz hacked by Haxorsistz (several times repeated)

    How can I solve this?

  2. vanessa613
    Member
    Posted 1 year ago #

    my site is hacked too! how did you contact the customer service? DO you have their number? thanks. vanessa

  3. Mehdi
    Member
    Posted 1 year ago #

    You should inform your own host webmaster.

  4. bcworkz
    Member
    Posted 1 year ago #

    Did they also restore the database from backup? Are they sure they went back far enough to get a clean backup? Did you change all your passwords: Database, WordPress Admins, FTP, Host account? Also scan your computer used for WordPress access for keyloggers and similar malware.

    Also see FAQ My site was hacked for other things that should be done in response.

  5. The Hack Repair Guy
    Member
    Posted 1 year ago #

    Most hacked sites I've worked on were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to clearing up the hacker coding.

    The tougher part— it's rare for hackers to not leave back door scripts in place (allowing hacker to re-hack your site again in future). Make sure to likewise review every file on your website as well to ensure no hacker coding remains.

  6. Mehdi
    Member
    Posted 1 year ago #

    Did they also restore the database from backup? Are they sure they went back far enough to get a clean backup? Did you change all your passwords: Database, WordPress Admins, FTP, Host account?

    They just were able to restore backup httpdocs and couldn't restore the database. That's the problem. I changed all passwords and made wp-admin more secure.

    Most hacked sites I've worked on were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to clearing up the hacker coding.

    But during the hack time, the website was fully updated ( CMS + Plugins). I have no idea how some plugins have been infected. Even my RSS plugin has been infected and when a person person clicks on the links, the hacker's message appears again.

    Make sure to likewise review every file on your website as well to ensure no hacker coding remains.

    Sure, I'll do. But how can I recognize the hacker's code? Where should I search exactly?

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.