thanks but that hardly helps
thanks but that hardly helps
what kind of help do you want
you’re the only one who can fix this
some additional “help”
How To Completely Clean Your Hacked WordPress Installation
How to find a backdoor in a hacked WordPress
Will a restore from an earlier date be sufficient to fix the problem?
Will a restore from an earlier date be sufficient to fix the problem?
possibly if all of the files are clean
Thanks for responding. I’m in the process now. This is the second hack with godaddy this month. Two different redirects so can I assume two different hacks?
Goddaddy is experiencing another hacker assault (attack occured 5/1/10 at about 3:35am.) similar to what NS has been going through all of April and I expect is trying to ward off again today. NS has shut down FTP since last night.
I’m seeing many goddaddy wp customers reporting on this latest round this morning. Your only option is to be prepared for lot’s of headaches. I’ve been working since April 18 to clean up my platform and things still aren’t quite right.
Your main concern right now should be intrusion monitoring. Clean up your site the best you can, backup nightly, look for suspicious file changes daily.
http://ddanchev.blogspot.com/2010/04/godaddys-mass-wordpress-blogs.html
I restored everything virus is gone for now, quick question am using wp-download manger backup and the images don’t show on the site, and plugins don’t work possible reasons for this?
thanks for the advice steve
images don’t show on the site . .
That’s a permissions issue. NS instructed everyone to reset permissions.
That worked and the images showed up. The only other thing I noticed through all this is a problem with permissions remaining firmly set on my hosts end. I would set them but they would change themselves back to the undesired permission. Very strange.
I am coming to to the conclusion at this point that these attacks on both NS and GD are being launched by some reasonably sophisticated hacker operations. Major “surprise attacks” including rouge accounts, etc.
http://www.nationaldefensemagazine.org/archive/2010/May/Pages/RussianCyberthiefCaseIllustratesSecurityRisks.aspx
what should I set the permissions to and where?
@dailyotaku
I couldn’t help but notice you may be restoring a version of WordPress 2.8.
This is interesting information ….(from GDHosting)
http://wordpress.org/support/topic/391658?replies=4#post-1498431
And some good information located here: Hardening WordPress with points of interest located at item 1. Keep up to date with the latest WP version, under the heading ” Vulnerabilities in the WordPress package itself”
Just some more information for consideration.
Lots of sites got hacked at GoDaddy today. Not only Worpdress, but also Joomla and simple html-only sites.
It seems a problem on Godaddy itself. LinkL
http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html
thanks for the tip, updated it to latest version far as i can see. And added some security plugins
what should I set the permissions to and where?
You may have something in your Godaddy account manager that says Reset Permissions. You can try calling support or browse around.
That may not even help right now until Godaddy get’s things under control. Your main goal is to look into what backups you may or not have available on your servers side. Or your side of things.
They should be willing to clean your and others sites free. This is what NS has been doing. In part to prevent further reinfection if somethings hiding in unattended sites that owners haven’t checked or logged into in three weeks, or two months.
I wish godaddy helped us like NS. Godaddy didn’t do anything, gave me a link to a bad guide and your own your own.
