Are the files in wp-content/uploads?
Did you make any changes to the database?
What steps did you take to fix your site?
Hi,
First, try to confirm that the images/media files are there inside wp-content/uploads folder of your WordPress installation.
If they’re there and still now loading then please check the permissions of this folder of parent folders with FTP access or cPanel of hosting access.
They must be 755 in most cases.
You may also ask your web-host to check the permissions for you.
Best Regards,
Vikash
Thanks Vikash and sterndata! The images are indeed still in the wp-content/uploads and the permissions are set to 7-5-5 already.
sterndata, I was asked to delete a few files that somehow made their way onto my backend but other than that I made no changes. Is there another file (or files) that is needed to display the images that I may have inadvertently deleted? Also I just tried to delete a post and I received an “Error in moving to Trash” message which may mean this issue is deeper than I first thought.
Can I reinstall WordPress and get all the correct files back? It’s a brand new website so I can afford to loose some content.
I just downloaded the new version of WordPress and checked every file one by one to see if I inadvertently deleted anything but it looks like every file is indeed there.
Back in the first message, you said your host could reinstall from a backup. That might be a better solution than trying to work through a cascade of problems.
I agree with sterndata,
A fresh install is always better than fixing this one if it’s a new installation anyway.
Best Regards,
Vikash
The issue with reinstalling from a backup is that they cannot guarantee that the backup will not have the same issues, so I would be taking a gamble that the backup is free of the malicious files. I think I’ll take my chances with it however.
What do you all recommend that I do so that this doesn’t happen again?
Here is the response from my host support team
I am afraid that even if you consider a restore from the 22nd June this might not be sufficient as some of the malicious files we initially found have timestamps from:
20/04/16
04/05/16
and other dates before 22/06/16, hence they will most likely exist in the backups as well.
Thus the best approach would be instead of restoring the files to take the actions listed below:
1. Run a full anti-virus scan on your computer and provide us with the logs.
2. Clean your hosting account from any malicious files as per:
https://www.siteground.com/kb/how_to_check_your_website_for_malicious_content/
3. Update all of your website applications to their latest release
4. Update all modules, extensions, or plugins, installed on your website applications to their latest release
5. Remove any website applications that you do not use
6. Change your cPanel password
I do my own backups. I don’t trust hosts, even the good ones. 🙂
IF the files are in wp-content/uploads and are NOT IN THE MEDIA LIBRARY AT ALL, use the plugin “add from server” to re-add them.
If the files are there but only the thumbnails are missing, use the regenerate thumbnail plugin to rebuild the plugins and plop them back into the media library. https://wordpress.org/plugins/regenerate-thumbnails/
If your host is suspecting that your backups are infected then It’s certainly not beneficial to do a restore once again.
You may try the fixes sterndata is suggesting and if they’re not working then the only option is to do a fresh blank install of WordPress and then manually restore plugins, themes and uploads folder data into the respective folders of new install.
You will also need to replace the database file from your backup to the new install.
Best Regards,
Vikash
Add from server
is working!—For some of the files, not all. I think I am going to push ahead, and hope for the best. Thanks for being so helpful, I have a few more questions so this doesn’t happen again.
1) How do I back up my site?
2) What should I use to make sure that this never happens again?
Thanks so much guys!
Brian
1. Install the plugin “backupwordpress”.
2. keep everything up to date.
Thanks so much guys, were up and running!
