my site is hacked too! how did you contact the customer service? DO you have their number? thanks. vanessa
Thread Starter
Mehdi
(@mahdinajafi1yahoocom)
You should inform your own host webmaster.
Did they also restore the database from backup? Are they sure they went back far enough to get a clean backup? Did you change all your passwords: Database, WordPress Admins, FTP, Host account? Also scan your computer used for WordPress access for keyloggers and similar malware.
Also see FAQ My site was hacked for other things that should be done in response.
Most hacked sites I’ve worked on were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to clearing up the hacker coding.
The tougher part— it’s rare for hackers to not leave back door scripts in place (allowing hacker to re-hack your site again in future). Make sure to likewise review every file on your website as well to ensure no hacker coding remains.
Thread Starter
Mehdi
(@mahdinajafi1yahoocom)
Did they also restore the database from backup? Are they sure they went back far enough to get a clean backup? Did you change all your passwords: Database, WordPress Admins, FTP, Host account?
They just were able to restore backup httpdocs and couldn’t restore the database. That’s the problem. I changed all passwords and made wp-admin more secure.
Most hacked sites I’ve worked on were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to clearing up the hacker coding.
But during the hack time, the website was fully updated ( CMS + Plugins). I have no idea how some plugins have been infected. Even my RSS plugin has been infected and when a person person clicks on the links, the hacker’s message appears again.
Make sure to likewise review every file on your website as well to ensure no hacker coding remains.
Sure, I’ll do. But how can I recognize the hacker’s code? Where should I search exactly?