Support » Fixing WordPress » my site was hacked…how to upload this file

  • My wordpress site was hacked by iranian hacker

    my hosting provider said they cleaned the site of malware and they told me to replace index.php

    I did a whole new upload of wordpress but nothing changed..they said my site was hacked again, and are now telling me to replace wp-config.php file

    I did a whole upload of wordpress again but nothing changed

    Now I notice that in my wordpress download, there is a file labelled wp-config-sample.php

    If I am supposed to upload a new wp-config.php file, and I have a file named wp-config-sample.php, should I change the name of this file to remove the sample, or is it a completely different file that I need to upload?


Viewing 3 replies - 1 through 3 (of 3 total)
  • The sample wp-config file is just that, a sample file containing all of the necessary information needed to connect WordPress to the database on your webhost. After you fill in the required data such as database username, database password, and the Salts, you can rename wp-config-sample.php to wp-config.php. Keep in mind whenever you perform an update of WordPress, that sample file will most likely return as it’s part of the core package.

    thanks for the info, but

    a) I don’t know where to fill in all “the required data” you referred to

    b) I’m not sure what the database username password are…and what is Salts?

    c) is my ability to do this limited by the fact that I can’t access my blog?

    Moderator James Huff


    Volunteer Moderator 🚀

    a) That would be the login information for your database that you used when you installed WordPress. See this for more info:

    b) Security keys and salts improve the security of your blog. See this for more info:

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘my site was hacked…how to upload this file’ is closed to new replies.