Thanks Ipstenu, but that was the very first thing I did, and since I am not all that familiar with everything in there, I was hoping to get some more specific advice. A simple link is not very helpful for me as I have very limited knowledge in this area.
I have done some of the things listed in the FAQ and installed the Exploit Scanner plugin, but I have absolutely no idea what it all means.
I just went through the editor on my dashboard and it seems that only 2 php files are affected (category.php / index.php).
I guess my question is whether it is possible to restore these php files to the way they should be without taking the site offline, and if so, how would I go about it.
The reason we point people to that page is because it’s useful and tells you what to do. Did you change your passwords? Check with your host? Restore from a backup? Without knowing WHAT you tried, it’s hard to say. And yes, it’s a lot to learn, but you need to take the time now, or you will be in pain later.
In fact, on that page, it tells you to restore from a known good backup. I know you said only two files were affected, WHERE are those files? Are they theme files or what? If you don’t have a good back up of your theme, go download a new copy and upload that.
Do you know how to use FTP? You should be using that right now to make your fixes.
Thanks for that. I seem to have fixed it simply by deleting and reinstalling the theme.
Now is there plugins or steps I could take to prevent further attacks?
I seem to have fixed it simply by deleting and reinstalling the theme.
You remember where the page AND I said ‘restore from backup’? That’s basically what you did.
Yeah, go read that page I gave you 🙂 Start with changing your passwords, continue on through the suggested also-read. You will be learning a lot. Take it one step at a time and you’ll be fine. But yes, you will need to read and learn a lot here.