Ready to get started?Download WordPress


Site Hacked (6 posts)

  1. sincewelastspoke
    Posted 2 years ago #


    My site was hacked recently.

    The attackers got in through 'archive.php' in my 'twentyeleven' theme.

    I just thought I'd post this in case it happens to anyone else.

    Hope this helps.



  2. esmi
    Forum Moderator
    Posted 2 years ago #

  3. The Hack Repair Guy
    Posted 2 years ago #

    It's more likely that a hacker specifically hacked that file, so you would be less likely to find it.

    I've worked with hundreds of websites all around the world who have used that theme and my experience says that file is not a hacker file.

    You can confirm this by downloading a virgin copy of the theme and compare yours with the original (and I believe you'll see your post is in error).

  4. adpawl
    Posted 2 years ago #

    @THRG is right, wp-archive can be a victim, but rather not a gate.
    You should check files by modification time - look them in server log. Also check for files which is not in the original wp package.

  5. sincewelastspoke
    Posted 2 years ago #

    @THRG Thanks, but 'twentyeleven' remained untouched from upload to my server. It's exactly as WP made it. It was just there as a 'virgin' itself.
    My active theme is another one entirely.

  6. The Hack Repair Guy
    Posted 2 years ago #

    I recommend deleting all inactive themes and plugins.

    Themes and plugins are easy enough to reinstall if needed in future. Leaving old themes or plugins installed may degrade the security of your website (so why take a chance...).

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.