WordPress.org

Ready to get started?Download WordPress

Forums

Help my wordpress site has been hacked (4 posts)

  1. G-Olly
    Member
    Posted 1 year ago #

    Please can someone help, my wordpress site was hacked over the weekend.

    I use xilo to host my wordpress sites. It was hacked over the weekend (I believe through a tim.thumb script that my main theme was using). I have three wordpress installations on my server. The main one was hacked by a malicious script that basically deleted all my files. I have backups of the files and the databases but silly me, I had let it lapse for a couple of weeks before the attack.

    I contacted my host and asked them to do a system restore from a couple of days previous to the attack. They didn't respond straight away so I decided to sort it out myself I changed all passwords and uploaded my backups both databases and files. Whilst this was happening the whole account, files, access logs and all was deleted.

    They responded today and have said that they have restored from the date I requested but there are lots of files missing that I know were there on this date. I am no developer and I am a bit confused as to what to do now. I have placed the websites behind a 503 which just allows me access. But I cannot find the wp-admin.php at all, it returns a 404 error page. Can anyone give me any pointers on what to do or ask for from my hosts?

    Many thanks

  2. Andrew
    Forum Moderator
    Posted 1 year ago #

  3. sorayags
    Member
    Posted 1 year ago #

    Hello all,
    I have just the same problem. I think my website has been hacked too. I cannot access via ADMIN. My website is http://sorayagarciasanchez.wordpress.com/
    Any help would be greatly appreciated!! Thanks in advance!

  4. G-Olly
    Member
    Posted 1 year ago #

    Thanks Andrew. I have checked most of them but I was hoping that I could get my system restored to the date when I knew it was working fine and then do all the updates, password changes, etc. from there. But alas it seems that I will have to go through and manually do this myself.

    If I upload my most recent back-up of two weeks previous. Could I then block the site (to stop a repeat attack) and then do the updates and file changes necessary?

Topic Closed

This topic has been closed to new replies.

About this Topic