WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] my website is showing "hacked" message what should I do? (15 posts)

  1. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz hacked by haxorsistz

    Hi,
    I am getting this message at my web site http://mydoctortells.com. Kindly tell me what I should do.

    I am in kind of panic.

    Ashok Koparday

  2. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi,

    The host server restored my site in seconds.

    I am not sure how it happened. A post mortem is called for.
    I am composed.

    Visit the WordPress key generator to obtain a new random set of keys, then overwrite the values in your wp-config.php file with the new ones.

    Does this mean just paste the key generated on wp-config.php?
    Two things to note:
    1.
    W3Total Cache asked something about .htaccess file when I checked in admin panel.

    I have changed password. I am scanning my PC.
    2.
    I had installed Secure WordPress plugin few days ago.

    I am planning to delete the whole database and files and restore from backup.

    I shall study about hacking websites and security measures.
    Any body any suggestions?

  3. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    I changed admin password.

    Now I am not able to login to admin panel with the changed admin password.

  4. Julio Potier (Juliobox), please do not post for jobs here.

    Visit the WordPress key generator to obtain a new random set of keys, then overwrite the values in your wp-config.php file with the new ones.

    Go here: https://api.wordpress.org/secret-key/1.1/salt/

    Copy/paste those into wp-config.php :) It's realluy that easy.

    W3Total Cache asked something about .htaccess file when I checked in admin panel.

    Yes, it needs to write to that file. You can turn it off for now.

  5. leejosepho
    Member
    Posted 1 year ago #

    I changed admin password.

    To help protect against hacking, it can also be a good idea to make a new admin account (with a name other than "admin", obviously), then delete the old one...and then you would also no longer have a user #1 for someone to try to break into.

  6. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi
    Ipstenu (Mika Epstein)
    leejosepho
    Jan Dembowski

    I appreciate your guidance. It is good to know some one is supporting.

    I am not able to login to my admin or cpanel when I used my changed password.

    What's next?

    Ashok Koparday

  7. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi,

    The server host gave me cpanel password. I logged in and went to recover my admin password <http://www.wpbeginner.com/beginners-guide/how-to-reset-a-wordpress-password-from-phpmyadmin/> as given here.

    I was asked by cpanel to login again. Now cpanel is not accepting the same password.

    I had my website email on Google Apps and I changed that password too. So at least email is working otherwise I cannot login to dashboard nor to cpanel.

    Tnanks for your help in advance

  8. bcworkz
    Member
    Posted 1 year ago #

    There are a number of ways to reset your WP password, see Resetting Your Password. Unfortunately, many of them require cpanel access, but if you still have FTP access, you can still try many of the techniques.

    To regain cpanel access, look for a link on the login page about dealing with forgotten passwords. If you have no success with online methods, you will have to telephone your host customer support.

  9. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Ipstenu (Mika Epstein),
    leejosepho,
    Jan Dembowski,
    bcworkz,

    Thanks for the support.

    I had changed the cpanel password and logged in. With that same password I was not able to use Filezilla.

    I got the password changed from the host server.

    December 2012 backup is used to restore.

    Now I am deleting all files except uploads and the loose files wp-config and others.

    I want to change secret keys. I'll get from the WordPress key generator new set of random keys and overwrite the values in wp-config.php file.

    I have almost 6 backups of January 2013, but I will not use them.

    If you can suggest mobile first/mobile friendly theme I will appreciate as I will be redoing the whole web design.

    I truly appreciate your support.

    Best wishes,
    Dr. Ashok Koparday

  10. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Ipstenu (Mika Epstein),
    leejosepho,
    Jan Dembowski,
    bcworkz,

    Which security plugins in your opinion are best and must?

    (I had secure wordpress installed few days earlier. They replied you didn't purchase our pro version.)

  11. bcworkz
    Member
    Posted 1 year ago #

    Now I am deleting all files except uploads and the loose files wp-config and others.

    Malicious scripts can be hidden anywhere! The uploads folder is a favorite hiding place. If you don't delete everything, what you've done so far could end up being a waste of time.

    I can't recommend any plugin, only from lack of experience, not because I think it's a bad idea. My only protection is strong passwords and good security habits, and a few minor measures from the Hardening WordPress article. I see hundreds of hack attempts every day in my logs and so far have had no problems---knock on wood :)

    Re: "secure wordpress pro" Ha! If their demo version is weak, why would anyone think pro is better? What a crock.

  12. leejosepho
    Member
    Posted 1 year ago #

    Which security plugins in your opinion are best and must?

    A bit like bcworkz has said, my "lack of experience" stops me there (since I have only ever actually used two). Most important, I believe, and like being sure to use strong passwords, is to replace the "admin" account with something else. I have only ever seen evidence of two possible hackers trying to get into my site, and "admin" was the username being used along with some kind of password generator. So since everybody knows everybody has an account named "admin", I do not.

    Better WP Security will help you rename your admin account and make it no longer be user #1. After doing that and trying some of its other features -- check with your server for specific compatibilities -- I ultimately began using Bulletproof Security and stuck with that one.

  13. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Ipstenu (Mika Epstein)
    Half-Elf Support Rogue & Mod
    leejosepho
    Jan Dembowski
    Volunteer Mod. & Brute Squad
    bcworkz

    I want to thank you all for being a support in my time of crisis.

    I installed Wordfence Security plugin 12 hours ago and I got 50 attempted logins all using 'admin'. (Note: Even though my login name was not admin the site was hacked.)

    WebsiteDefender WordPress Security, which was installed 3 days prior to hack, did not reveal anything in it's scanning. On informing them the support team asked me to take 'Pro' version.

    Besides, I am thankful to server host support, which was helpful.

    I used to have daily backups of my site on Google Drive using UpdraftPlus Backup/Restore plugin. If anybody wants to do post mortem to find how/why of the hack I can give my backup. I don't think I have the expertise to do that myself.

    Best wishes for a secure web site,

    Dr. Ashok Koparday

  14. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Thanks everybody for being available in time of need.

Topic Closed

This topic has been closed to new replies.

About this Topic