I went to view one of my websites yesterday and I got the lovely news that it has been hacked. It says "Reported Attack Page" I have spent several hours reading up on it and trying to resolve the simple issues, which everything seems to be complex, and my temper has run up and down and now I am slightly apathetic with a bit of edge and aggravation.
I have access to the FTP and am using CyberDuck on my Mac to try to work things out. I am logged in to my Google Account using Webmaster Central to verify the ownership of the website.
Of the options that Google gives me to verify, I cannot do Google Analytics because I didn't already have it on before the attack, and I have no clue how to go into my DNS and change whatever it wants me to there, which leaves me with two other choices. HTML upload or adding meta-data.
The first and most recommended option is to
"Upload an HTML file to your server"
I downloaded the file and put it practically everywhere on the ftp and can't figure it out. From what I understand, the .html file that google has me download specifically for my website is to be put in the root folder, which would be the public_html if I am not mistaken.
One thing I am unsure of is where it goes exactly. I have a webhost with an addon domain, maybe subdomain (perhaps irrelevant to the concern I have) The additional domain is the one with the attack, so my folders read as this
Home > Public_HTML > Irisandember.com
I've tried putting it in each of those places and went as far as adding it into the wp-content folder. I can't figure it out.
So, I went and tried to add the meta tag. I went to my header and placed it immediately after the first <head> and that didn't work. I then placed it right before the
<title><?php bloginfo('name'); ?></title> which was right after the
<?php if (is_front_page() ) [ ?> and that didn't work either.
I've tried what seems to be anything and everything and I can't figure it out or it isn't working. When adding the meta tag, it fails but mentions that "Your verification file returns a status of 403 (Forbidden) instead of 200 (OK)."
I checked that 403 meant that something could be blocked from functioning how it is intended. If this is true, is there a way to eliminate the blocking temporarily?
I did some slight reading on it and tried to edit the .htaccess file to allow indexing, which did nothing.
Honestly, all of this is so that Google can pinpoint the lines of code that are messed up so that I could fix it, potentially. I am in no way an expert with HTML and CSS, so explanations may go over my head.
Any help would be great.