WordPress.org

Ready to get started?Download WordPress

Forums

Re-installing WordPress after site hack (9 posts)

  1. dorich
    Member
    Posted 9 months ago #

    I'm going reinstall WordPress after having the site hacked.

    I'm looking for advice on whether there are any pitfalls to avoid.

    This is the process I plan to use
    ---------------------------------
    The site runs the 2012 theme with a child-theme.
    I plan to save the child theme folder.
    Make a list of plugins.
    Download posts to a blogging application on my mac.
    Then remove the current installation of WordPress.
    Next reinstall WordPress, add the child them folder back and then upload the posts from the blogging application.

    Symptoms and What I've Done So Far
    ----------------------------------
    The symptom I can see is that a readme.html file that comes with the installation appears to be redirected to http: // www. fma. com/index.php (I added the spaces to break the link).
    I looked at the .htaccess file and I believe that the file content has been added by WordPress but I'm not knowledgable about redirects.
    I did find a file with the name of "core.2062". I don't recognize that file as any type of file that comes with WordPress so I removed it.My quick tests indicated that removing it didn't have any effect on the functioning of the site.
    The strange thing is that this redirect appears to only effect the read me.html file. The rest of the site appears to function correctly. Nevertheless I plan to reinstall in an attempt to clean up the site and remove anything malicious.

    If anyone has any advice on the rights or wrongs of the process I plan to use I'd appreciate it.

  2. Tara
    Member
    Posted 9 months ago #

  3. leejosepho
    Member
    Posted 9 months ago #

    Download posts to a blogging application on my mac.
    Then remove the current installation of WordPress.

    Removing WordPress does not affect the database at your cPanel where your pages, posts, user data and various other things in text are stored. Do you have any indication that your wp-content folder has been affected?

  4. SeriousOwl
    Member
    Posted 9 months ago #

    do you have any backup? My opinion is to delete all files including the database stored in cpanel

  5. dorich
    Member
    Posted 9 months ago #

    @leejosepho

    The only symptom I have is that the "readme.html file is being redirected when I view it. While its possible that this is the only problem on the site I have a mindset that says that the best thing I can is to remove the current installation and start again.
    You raise a good point that I hadn't considered. I have to remove the existing database and create a new one.
    I plan to download the posts into a desktop blogging application. So I'm assuming that with a new database I can then safely upload the saved posts to the new database.

    Thanks

  6. dorich
    Member
    Posted 9 months ago #

    @SeriousOwl: I do have backups from each WordPress upgrade but I think I'll stick with the file deletion approach.
    Thanks

  7. SeriousOwl
    Member
    Posted 9 months ago #

    good luck ;)
    I hope your site up again soon

  8. dorich
    Member
    Posted 9 months ago #

    @Tara:

    thanks for the links. I reviewed them and found a lot of useful information to add to the process of cleaning up the site with a clean install.

  9. Tara
    Member
    Posted 9 months ago #

    No peoblem. Hope everything works out :-)

Reply

You must log in to post.

About this Topic