Forums

WordPress › Support » How-To and Troubleshooting

Just had WP debugged, now files are missing (19 posts)

  1. cleanimage
    Member
    Posted 1 year ago #

    My wordpress site was hacked about 1 month ago now. I hired a company to clean out the offending files, but I think they cleaned out some of the crucial WP files and now my old HTML site is up. It seems like all the files are there except what usually is found in the main directory folder. Here's a list of files from one of my other sites that are missing:

    wp-activate.php
    wp-app.php
    wp-blog-header.php
    wp-comments-post.php
    wp-config.php
    wp-config-sample.php
    wp-cron.php
    wp-links-opml.php
    wp-load.php
    wp-login.php
    wp-mail.php
    wp-pass.php
    wp-register.php
    wp-settings.php
    wp-signup.php
    wp-trackback.php
    wp-xmlrpc.php

    What can I do to restore my site?

    Thanks!

    Phillip

  2. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    What version of WordPress were you using?

  3. Sabinou
    Member
    Posted 1 year ago #

    You may have better wait for the reply of a real professional.

    But from my point of view, as long as we're speaking about wordpress core files, these files can be replaced with fresher ones without any shred of second thoughts.

    Go to the home wordpress.org page, click the link to download wordpress, and you'll have the contents of a genuine wordpress, save the config.php and .htaccess customization, and save the contents of the wp-contents/themes and wp-contents/plugins folders.

    You can directly reupload by FTP the contents of your wordpress.zip archive to your hosting account. Files already present will be overwritten (it's okay), missing files will be reinstated.

    As I wrote, you should wait for the opinion of a pro for a confirmation.
    And never forget : BACKUP ! :D

  4. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    Before any core files are uploaded, we need to confirm the WordPress or database version number so that the right core files are used.

  5. cleanimage
    Member
    Posted 1 year ago #

    Sorry. The verson is 3.0.1

  6. cleanimage
    Member
    Posted 1 year ago #

    Also, how should I back it up since I can't get into the control panel?

  7. cleanimage
    Member
    Posted 1 year ago #

    I would appreciate any advice. Thanks.

  8. Sabinou
    Member
    Posted 1 year ago #

    @ Esmi : would it be really bad, in the process, to update an old WP to an up to date one ? That would be killing two birds with one stone...

    @ Cleanimage :

    - if you must reinstall the same wordpress, you can find WP 3.0.1 (search for "3.0.1" on that page) here : http://wordpress.org/download/release-archive/
    You may wait for Esmi's opinion (I didn't think of WP versions, see, that's a pro for you !), my opinion is simply : unpack it, upload it and allow overwriting.

    - regarding backups, the reference is :
    http://codex.wordpress.org/WordPress_Backups
    . For the database, this is not something you can access or retrieve with your FTP client, it's stored elsewhere. I'm now backing it up with wordpress plugins, and on rare occasions with my web hosting panel. In your case, see if you can back it up within your web hosting panel too ? Or otherwise, you may have a phpmyadmin access ? if so, login with your database credentials, click your DB name if it's not auto-selected, click the Export tab, select "all tables", and just tick one last option, to save your db as .zip or .tar.gz
    . for the files, you can simply log in by FTP, select everything starting from the root of your blog's folder, and save it somewhere on your hard disk.
    . This way, with both files and database saved, you're safe, even if you totally screw up the wordpress fixing, you can restore everything back easily :)

  9. cleanimage
    Member
    Posted 1 year ago #

    Great help. Thanks Sabinou. Looks like I have a Saturday project now.

  10. Sabinou
    Member
    Posted 1 year ago #

    You're welcome :)

    A ninja trick, regarding the files (not the database). If you feel that you're afraid of having to spend a very long time reuploading your backup, file after file, you can create a subfolder within the root of your blog, like _oldbackupjustincase_ and already start reuploading your backed-up-by-ftp files inside.
    This way, if the sad moment comes when you need to restore your backup of the files, you'll only make a folder move in your ftp client, this is terribly faster than uploading it from your hard disk.
    For security reasons, however, if your blog is truly fixed and works at last, you may wish to remove that backups folder.

  11. cleanimage
    Member
    Posted 1 year ago #

    Ok, I finally was able to upgrade WP and I'm able now to get into my control panel. But, all of my plugins are deactivated and say "Plugin file does not exist"

    Also, my theme is gone and the site itself isn't showing up

    http://www.cleanimagecarpetcare.com

    Any ideas what to do next?

    I did have to redo my wp-config file and created a new user for my database since I wasn't sure of the password on my original user. Would that have anything to do with it?

  12. Sabinou
    Member
    Posted 1 year ago #

    The database new user thingy : possibly.

    Can you restore back the database credentials (datanase name, host, username, password), from your backup of your wp-config.php file ? Your backup does contain all the missing info :)

    For your plugins and themes, did you delete all of /wp-content/ at some point ? If not, it may be because of the datase ? o_O

  13. cleanimage
    Member
    Posted 1 year ago #

    Backup? That's where I went wrong. I don't have a backup of the original. :( HELP!

    I did not delete the original WP-content folder, just replaced the necessary files.

  14. cleanimage
    Member
    Posted 1 year ago #

    Thankfully my pages and images are all there. Worse case scenario, I'll just have to reinstall my theme and plugins, correct?

    (if I can remember what they all are)

    Still, if I can avoid all that, I'd be a happy camper.

  15. Sabinou
    Member
    Posted 1 year ago #

    My bad, you were already missing wp-config.php ! It's in that file that the database credentials are stored.

    Well, still, unless you want to start your blog afresh, losing all the contents you wrote (the posts, the pages, the hand-ticked options of the theme and of the plugins), you will need to know your previous database credentials. In insist : THIS IS NOT LOST :) It's only stored for your previous username-databasename-host, it's up to you to find the information.

    Isn't it something that you can see inside your web hosting account ?
    You probably won't have a dozen active databases, and probably only one username associated to each database, will you ?

  16. cleanimage
    Member
    Posted 1 year ago #

    Well, maybe I didn't explain clearly enough.

    The database I was able to connect to, I just had to setup a different user on the old database and enter that way. All of my posts, pics, and content is showing up in the WP control panel. Just my theme and plugins aren't working even though the files all seem to be there.

  17. Sabinou
    Member
    Posted 1 year ago #

    Haaaaa~
    OK !

    In your wordpress admin, if you go to your Appearance menu, does it still show that the current theme is the one you were previously using ?
    You can temporarily switch to the default theme (Twenty Eleven) and see if everything works again.

    For the plugins, if you go to the Plugins Menu, in your wordpress admin, are they all deactivated, or not ? If yes, activate them, if not, deactivate and reactivate them.

    Possibly, the removal of your infected blog files also resulted in the removal of parts of the plugins and template, and if that's the case, you would also have to delete (might be safer when we talk about security matters, it's okay if you didn't customize your template, keeping it "as is" since the installation, save for widgets who are, them, managed with the database) and reinstall them.
    Making sure of this is relatively simple, does your blog work with all plugins deactivated from the admin and with the default Twenty Eleven theme ?

  18. cleanimage
    Member
    Posted 1 year ago #

    Ok, I just reinstalled the theme. I think I'm getting somewhere now!

    Thanks so much for all your help Sabinou. It's very generous of you to use your time helping out a stranger.

  19. Sabinou
    Member
    Posted 1 year ago #

    Looks like your website is now working flawslessly, congratulations :)

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.