WordPress.org

Forums

Hello - Query regarding Database (7 posts)

  1. Eusaf
    Member
    Posted 2 years ago #

    Hello WordPress Dot Org. This is my first post here and I come forth regarding a question I'm pretty ignorant about.
    My wordpress installation got recently hacked! Must be one of the bad plugins I was using.
    To my fortune, I had a clean backup from 3rd march saved, so I dumped the whole installation from cPanel and uploaded the last clean version, cross-checked by htaccess permissions.
    The problem is about my Database! I have a clean database with me (from 3 march as aforesaid, which is 3mb in size) but the one I'm using right now is 4 mb! Accessing their might be something viral still in there, what should I do now?
    a. go with this current DB?
    b. delete this, restore old one? (can this cause some down-link or crash?)
    c. import the old (clean) DB's table to the one I'm currently using?

    I'm sorry for this amateurish question people but you must have already figured it out I'm very new to this! :) and I'm trying to work calmly.

    Your help will be of utmost appreciation.
    PS: any other helpful links as to how to minimal future vulnerabilities in my WPress are also welcomed.

    - Eusaf

  2. Eusaf
    Member
    Posted 2 years ago #

    Woops, did I post in the wrong section?
    Sorry 'hacks' made me took the bait :/ - mod please move it to the right forum! thanks.

  3. jholder83864
    Member
    Posted 2 years ago #

    I used to work for a very large search engine company. We had a saying that I think you should live by here:

    Once a machine has been hacked, you can never trust it again.

    I would backup your data to wrx, and do a clean install.

  4. Eusaf
    Member
    Posted 2 years ago #

    Yes sir Holder! clean install is what I did from the very scratch.
    My question in OP is regarding the database,

    The problem is about my Database! I have a clean database with me (from 3 march as aforesaid, which is 3mb in size) but the one I'm using right now is 4 mb! Assessing their might be something viral still in there, what should I do now?
    a. go with this current DB?
    b. delete this, restore old one? (can this cause some down-link or crash?)
    c. import the old (clean) DB's table to the one I'm currently using?

  5. cjchamberland
    Member
    Posted 2 years ago #

  6. bcworkz
    Member
    Posted 2 years ago #

    To specifically answer your database concerns, it sounds like the current one could be harboring back up hacker code, do not use it!

    Do make a backup copy of it though, it may have some forensic analysis value. Keep it in a segregated, well labeled location. Restoring the old database should not result in a crash unless it is so old that it is from a very different WP version. Overwriting all the tables with the older ones amounts to the same thing as restoring the database, you could use either approach.

  7. jholder83864
    Member
    Posted 2 years ago #

    The above posters (especially cj) are completely correct.

    However, if you wanted a more in-depth analysis, i'd just dump the db to an SQL file,but it on paste bin, and let someone look at it.

    Just take out the users table, as the hash and salt are in there. While they can't be decrypted, it's just safer that way.

Topic Closed

This topic has been closed to new replies.

About this Topic