Fresh Install or repair Hacked WP ?

  • Resolved CasualNerd

    (@casualnerd)


    9 years, 2 months ago

    I have a blog that’s been hacked over the last week to redirect to a forex site, and while the index file had been replaced, simply replacing it hasn’t fixed the installation. I’ve tried overwriting the entire file structure but something, somewhere is still redirecting.

    I plan to move the site to a new host, start a fresh install of WP and transfer over content manually if possible to reduce any chance of malicious files being transferred.

    Is there a best way to go about this ? I’m still uploading the new install and sorting that out before I switch nameservers. I have a backup of files, database in a few formats and a full cpanel backup just in case.

Viewing 3 replies - 1 through 3 (of 3 total)
  • tsagita

    (@lemurianisindonesia)

    9 years, 2 months ago

    I think that is malware, and malware created by machine/not human.. Try to scan your website using malware scanner

    wslade

    (@wslade)

    9 years, 2 months ago

    I’m sorry someone damaged your site. Overwriting without first deleting everything repairs any modified files but leaves any malicious files that have been added.

    Hacking is not always be a continuous process. Meaning the damage might be done at various times over a multi day period. Using the datestamp on the replaced index.php as the time for the hack might not be completely accurate for determining what backup date to use. There may have been damage done days before the index.php file was changed. So, knowing your backup is malware free is not always easy.

    If you have a backup that you know is malware free, I think using a backup is the easiest and fastest way to solve the problem. It is not easy to find every malicious file that may have been added to your site. But if you don’t find every bad file, your site may become damaged again.

    Good luck on whichever route you decide to take to get your site back the way it was.

    Thread Starter CasualNerd

    (@casualnerd)

    9 years, 2 months ago

    Tried a few things like deleting all the files and uploading a fresh install, still didn’t work. Finally found all my posts had been deleted and redirects added in the database, so there’s not a lot to save anyway.

    Current plan is to start a fresh install on a new host ( the old one hasn’t even replied to my support ticket from 24 hours ago) and paste the old posts back in from wayback archive.

    I’ll have a bit of work to do working out my previous settings and getting the url’s right for old posts but I only had 20 or so posts.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Fresh Install or repair Hacked WP ?’ is closed to new replies.