Help my wordpress site has been hacked | WordPress.org

G-Olly
(@g-olly)

11 years, 1 month ago

Please can someone help, my wordpress site was hacked over the weekend.

I use xilo to host my wordpress sites. It was hacked over the weekend (I believe through a tim.thumb script that my main theme was using). I have three wordpress installations on my server. The main one was hacked by a malicious script that basically deleted all my files. I have backups of the files and the databases but silly me, I had let it lapse for a couple of weeks before the attack.

I contacted my host and asked them to do a system restore from a couple of days previous to the attack. They didn’t respond straight away so I decided to sort it out myself I changed all passwords and uploaded my backups both databases and files. Whilst this was happening the whole account, files, access logs and all was deleted.

They responded today and have said that they have restored from the date I requested but there are lots of files missing that I know were there on this date. I am no developer and I am a bit confused as to what to do now. I have placed the websites behind a 503 which just allows me access. But I cannot find the wp-admin.php at all, it returns a 404 error page. Can anyone give me any pointers on what to do or ask for from my hosts?

Many thanks

Viewing 3 replies - 1 through 3 (of 3 total)

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

11 years, 1 month ago

If you haven’t already, you need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Additional Resources:
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

sorayags
(@sorayags)

11 years, 1 month ago

Hello all,
I have just the same problem. I think my website has been hacked too. I cannot access via ADMIN. My website is http://sorayagarciasanchez.wordpress.com/
Any help would be greatly appreciated!! Thanks in advance!

Thread Starter G-Olly
(@g-olly)

11 years, 1 month ago

Thanks Andrew. I have checked most of them but I was hoping that I could get my system restored to the date when I knew it was working fine and then do all the updates, password changes, etc. from there. But alas it seems that I will have to go through and manually do this myself.

If I upload my most recent back-up of two weeks previous. Could I then block the site (to stop a repeat attack) and then do the updates and file changes necessary?

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Help my wordpress site has been hacked’ is closed to new replies.

Tags

In: Fixing WordPress
3 replies
3 participants
Last reply from: G-Olly
Last activity: 11 years, 1 month ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics