Deleting WordPress

lostbits
(@lostbits)

10 years, 4 months ago

My Web Site at Arvixe was hacked. I detected it on 18 Dec and Arvixe has been unable to ‘get to it’. I am down.

One thing the hacker did was to remove the General->Settings->Save button. I don’t know enough to modify the script and restore the button so my thought is to delete WordPress and then reinstall it. If I execute ‘> rm -rf wp/’ on a Linux based system will this destroy WordPress in a manner so that I can reinstall it or are there other things that have to be done.

I’m stuck. 19 days of downtime and an indication that it ‘will take time’ to wipe my domain so that I can do something. So any help is appreciated.

Arvixe prides itself on 95% uptime where most web hosting sites languish with 99.9% uptime.

The domain name is SlipBits.com but there are no web pages yet – that was my Christmas project!

art

art

Viewing 3 replies - 1 through 3 (of 3 total)

Moderator t-p
(@t-p)

10 years, 4 months ago
You need to start working your way through these resources:
Additional Resources:
Thread Starter lostbits
(@lostbits)

10 years, 4 months ago
I have read all of the top level articles and looked at some of the nested articles. I will continue searching but I have some questions.

The top level first article, https://codex.wordpress.org/FAQ_My_site_was_hacked, and I believe all or most of the others are for WordPress 2.7.1. I am running WordPress 4.4. Are there significant differences between the two?

Several references provide indication of difficulty with finding errant scripts, directories and files. I don’t understand this. suppose I have a pristine copy of WordPress (downloaded but not installed) and I have a fault with the installed version. As a first level search couldn’t I do something like:
```
> cd pristine/
> ls -Al | tr -s ' ' | cut -d' ' -f5,9 > pristine
> cd installed
> ls -Al | tr -s ' ' | cut -d' ' -f5,9 > /pristine/installed
> diff pristine installed | grep '>'
```
What I am comparing is the unsorted files and file sizes in the installed and pristine directories. This process detects all files with different sizes and all files and folders not part of the initial installation. The reduced set of files and folders are then suspicious, but is to me important is the reduction in search time. A few simple commands search all files.
s
The other note is does WordPress distribute a manifest with file sizes and directories as part of their release (and should they)? If they do then the provided data can be used directly without searching the pristine directory.

And as another fillip, does WordPress provide a signature for each file? If they do provide a signature and provide the algorithm used to calculate the signature then this can be used to validate existing files and will identify some valid files with bogus data which have file sizes matching the distributed version.

I have to admit that I am a complete novice (and dumb to boot), but the articles that I read stress the search process as being difficult and near impossible. And yet, the discovery of altered files appears easy. Further, with a little support from WordPress, it should be possible to identify files integral to correct operation which should never be changed and to identify pristine file content. And etc.

I guess that I don’t understand. could you point out articles which explain why my reasoning is faulty or could you explain why the reasoning is faulty?
Thread Starter lostbits
(@lostbits)

10 years, 3 months ago

thanks.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Deleting WordPress’ is closed to new replies.

Deleting WordPress

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics