And I can’t restore from the database backup I created… I can see it within phpmyadmin but the site comes up as if I’m installing from scratch, not seeing any of the content that was there when I created the backup.
Hi IndyITguy did you create a full site backup using your server or a backup plugin?
How can I see how my site was hacked?
That’s not an easy question to answer. There isn’t just one door via which hackers can get in.
The AIOWPS plugin serves the purpose of doing its best to stop hackers getting in via the WP door but having said that its still the responsibility of the site owner to ensure that they have enabled the relevant features to ensure their site is properly protected.
Since I don’t know exactly what state your system is in or how the hackers go in I would only be guessing…….
Eg, If the hackers got access to your file system (ie, FTP or Cpanel) and they deleted or modified files, then the DB backup will not be of much use because your file system has been compromised.
Try talking to your host provider to see if they can help you troubleshoot the origin of the hack. They will also be able to restore your site using a snapshot backup of your files and DB.
I used the AIOWPS plugin to create the database backup. I got it restored after I went back through the steps to restore a database. 🙂 I still need to change the database prefix so the new site will pull from the database though.
My hosting provider basically told me I’m SOL since I’m using a third party application to build/manage my site. Currently looking for a new hosting provider…
The changes were made form within the database… (possibly a database username/password breach?)
I enabled everything that I could possibly enable when I installed the AIOWPS plugin 4 days ago. Including the automatic lockout on usernames that don’t exist. I had the duration at 2 hours…
I received 3 IP lockout emails today from the same IP address and username (username didn’t exsist in my database). The timing was outside of the two hours between each email. I can’t pinpoint the time everything was deleted though. Is there tracking on database changes by chance? I didn’t see anything like that…
I use AIOWPS on all my sites and this site is the only one that this has happened to. I’m wondering if I was already compromised before getting AIOWPS setup and configured…
Hi @indyitguy in regards to your comment…
I’m wondering if I was already compromised before getting AIOWPS setup and configured.
That could be the case for this website as you also mentioned the following…
I use AIOWPS on all my sites and this site is the only one that this has happened to
Kind regards
I never did figure everything out… I just re-installed from scratch, at least now I know AIOWPS is running from the beginning.
