Support » Fixing WordPress » Site Hacked

  • Josh


    Moderator and Editor Customizer


    One of my sites was hacked with the “daysofyorr”. I was able to sniff out the rogue code and wipe the script which was being automatically generated in my header and footer files.

    My site is back up and hack-free. However, what are all the suggested steps to prevent this from happening again?

    I have changed my password, and the auth keys in the wp-config file.

    Are there other steps I should perform?

Viewing 2 replies - 1 through 2 (of 2 total)
  • If you have a fresh and clean copy wp-admin, wpincludes and wp root directory files, fresh copy of all plugins, checked themes, checked and wp-config.php, .htaccess ….and other files do not included to orginal wp package ….then:

    Make sure you do not use unsecured timthumb.
    Check your server logs.



    Moderator and Editor Customizer

    Excellent links, thank you! Those appear to be some pretty heavy duty settings to block potential attackers. And here I thought just changing the password and auth keys would be enough :-/

    It will take me a little while to work my way through those articles. But I’m sure the payoff will be a nice, secure site.

    Thanks for taking the time to respond.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Site Hacked’ is closed to new replies.