WordPress.org

Ready to get started?Download WordPress

Forums

Malicious Files? Post Clean-Up From an Attack (4 posts)

  1. Inspired2Write
    Member
    Posted 5 years ago #

    Hi,

    My 2.7.1 blog was attacked last week with the same script discussed here:

    http://wordpress.org/support/topic/210013?replies=8

    I've been removing the files that were attacked, and will need to probably do a fresh install. However, there are numerous files in my root that look suspicious and I'm unsure of, and I don't recall them being there prior to the attack.

    I'm wanting to remove the files, but not sure what they are, so I don't want to remove them without first knowing what they are. I'm only running WordPress on my site. There are 4 files, with the following names, and as mentioned above they are in my root directory:

    .alias
    .bashprofile
    .bashrc
    .cshrc

    Are those files supposed to be there, or are they from the attack that occurred on my site? Any help would be appreciated. Thank you!

  2. Inspired2Write
    Member
    Posted 5 years ago #

    Bump - Anyone here able to help me with this issue? Thank you.

  3. esmi
    Forum Moderator
    Posted 5 years ago #

    Not sure about files 1 and 4 but 2 and 3 are standard on a Linux hosted site.

    The last post in:

    http://wordpress.org/support/topic/268083?replies=5

    has some very good advice on clearing up after a hack.

  4. Inspired2Write
    Member
    Posted 5 years ago #

    Thanks esmi,

    I was just doing some further research and found the connection with Linux. I'll probably check with my host to ask them if those files are supposed to be there. Thanks for the reference to the above forum thread too.

Topic Closed

This topic has been closed to new replies.

About this Topic