Hi, I hope you all can be forgiving of my technical incompetence. I got an email from Dreamhost today stating that, "We have received a complaint of outbound DoS attack activity from your
webserver which we've traced back to hacked scripts/processes running
under your domain, here:
The above-noted file has been deleted, but there may be more hacked files
that you need to find and remove. The file appears to have been uploaded
via an exploit of some sort, likely in the outdated Version of WordPress
you have installed under this domain.
$wp_version = '2.0.3';
(Note: The current version available on WordPress.org is 2.6.5 and
contains many security updates since your version.)
To keep your site and the server secure I have disabled the domain by
renaming the domain directory to end in "_DISABLED.." -- please do NOT
reinstate the domain until you have thoroughly executed the instructions
at the below wiki article:
For this type of hack, the "CGI Hack" and "Cleaning Up" sections are most
important. Please note that if you do not secure the site fully it will
result in the domain being hacked again, further illegal activity
occurring, and the domain (or possibly the account) being closed again,
so your thorough attention to this matter is appreciated."
I'm not very technically competent, so I tried to do what they said. I managed to get to my database, but I had no idea what was supposed to be there and what wasn't. I made a backup of the database from their control panel, so now there seemed to be doubles of everything.
They said I had to upgrade WP to the latest and directed me to their one-click install page. After three tries, (the first two said my site didn't exist, and therefore couldn't be upgraded) I finally got the upgrade to work. However, this was the first time I could get in to either my site or my admin panel, and I was horrified to see that everything was lost. I know it all still exists somewhere and I don't mind finding a new theme and farting around with plugins, but I'd really like to have my content back in contact with my site. Incidentally, this was also when they stopped responding to emails.
Can anyone help me in very simple language, or am I completely hosed? I really hate to lose five year's of work and it's brought me to tears a couple of times. I'm afraid to mess more stuff up.