Forums

WordPress › Support » How-To and Troubleshooting

My sites were hacked by protizer.ru. PLEASE HELP!!! (4 posts)

  1. thedailydoozy
    Member
    Posted 3 years ago #

    I have 4 sites I self-host myself with wordpress software (obviously) and today I went to my sites and I had pop-ups. One was russian porn and one was someother russian site. I went to my header.php file and I found a pop up code under the domain name protizer.ru and it was attached to affiliate code.

    How did my sites get hacked? Is this happening to anyone else? I deleted the code and it fixed the problem, but what if this happens again?

    How did it happen to two of my four sites?

    To make matters worse my menu inside the write a post is now gone in one of my sites. So I can't use any of the text editing, bold, italics, etc.

    Is there a way I can recover that?

  2. thedailydoozy
    Member
    Posted 3 years ago #

    You people never help me with my problems.

  3. roge0278
    Member
    Posted 3 years ago #

    man, you posted 50 minutes ago... chill out. i'm sure when a qualified human stumbles upon your post they'll do their best.

  4. NC@WP
    Member
    Posted 3 years ago #

    thedailydoozy,

    How did my sites get hacked?

    There are about seven billion ways for it to happen. The problem is, you forgot to mention what version of WordPress you are running. It is also possible (although less likely) that the hack was accomplished through a security hole in software other than WordPress, possibly one that you accidentally created during the system setup.

    Is this happening to anyone else?

    Yes, and quite often.

    I deleted the code and it fixed the problem, but what if this happens again?

    There are two sides to computer security. One is thwarting the attacks, the other is quickly recovering after a successful attack. What you needed to have in place before the first attack is a full backup of your WordPress file system and your WordPress database. That way, you could have quickly restored your site to its pre-intrusion state. As to preventing further intrusions, the standard advice is to upgrade to the latest version of WordPress, but unfortunately, WordPress' administrative interface was redesigned as of version 2.5 (the current version is 2.6), and some people (myself included) dislike the new interface rather intensely. Additionally, some of your plugins may stop working after you upgrade. So there is no easy solution; security seems to conflict with functionality...

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags