This thread contains an extended list of links and steps to follow after you’ve been hacked.
http://wordpress.org/support/topic/wordpress-ecurity-site-hacked-twice-in-a-month?replies=5
Clayton thanks for the quick reply.
I just had a read of the links and i so dont know half, if not more, of how to do this. This site was set up for me.
I can add pics and writing but thats as savvy as i am with it.
Is there anyone that can do this for me?
Thank you.
Cleaning your site might just be a matter of reloading the core files and deleting ALL stray index.html files. Can you FTP?
I’ve never done it but i can give it a try with step by step instructions.
Update; I no longer have the option to log in to my site…What to do?
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Download a fresh copy of wordpress. Open it up and delete the wp-contents directory. Open a ftp session to your server and upload everything except for the wp-contents directory that you just deleted. While you are looking at your server, delete any files and folders that do not belong… notably html files. Look inside every folder for stray html files, delete everything that doesn’t belong. I’ve seen where hackers place index.html files in every folder 3 or 4 levels deep. I’ve seen this a couple of time from unsecured servers.
Sorry but how do i open a ftp session?
Got the wordpress….where do i upload it to?
Ok i discovered i can upload files in godaddy.
My question is which file in the directory tree do i upload this file to
“fresh copy of “wordpress”.
Html
[Apache Logs]
cgi
wp-admin
wp-content
wp-includes
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
If you haven’t already done so, you really, really, really want to make that full backup before doing this.
Your site is hacked, and being able to get back to where you are right now is your safety net…
When you extract the files on your PC from http://wordpress.org/latest.zip, they’ll be in a wordpress directory like so.
wordpress/
wordpress/wp-includes
wordpress/wp-admin
etc.
Take the full contents of wordpress/ and transfer that into the same directory where your existing WordPress files are located except the wp-content directory.
That will not delouse your install, but it may let you into the WordPress dashboard.
OK have looked the wordpress file and understand what it looks like, i deleted the said wp-content.
I still dont understand which of these i add that file to.
Html
[Apache Logs]
cgi
wp-admin
wp-content
wp-includes
LMAO…..Desperate times call for desperate measures…
OK, this is what i did to get rid of my trojan…lmao still
Because i didnt know where to put that new wordpress file, frustration got the better of me and i turned into chrome…kill…
I opened godaddy ftp manager, where my files are located. I opened my website so i could see the Avast trojan warning(file path). I followed the path in my godaddy files till i found the culprit and kept deleting. I kept clicking on all pages of my site, repeating the path finder step….lmao…
Ok, OK, it may not be to some peoples standards but i’m over the moon right now.
All i need is for someone to give me directions on how to add a log-in section to my website….PLEASE
Thank you….lmao
I had http://sucuri.net/ clean my site. I just didn’t have the time and the fact it is good for a year convinced me.
Over a weekend it takes a little longer. GoDaddy might also clean it for you.
Sucuri is good …. but it removes the effect, not cause.
URLs are provided almost everything, unfortunately, no access to the server – not much more we can do.
Problem is a tad worse now. I tried using ftp to up/load wordpress. Yes i deleted the content file first. It has opened up a whole new file called “wordpress”.
All the trojan stuff that i had manually deleted came back. Was i suppose to delete anything before up/loading. This is turning into a bigger mess than when i started.
I have gone through yet again, manually deleting, Now my site is gone.
Pleaseeeeee can someone give me “STEP FOR STEP” instructions on how to fix all this.
PS; Securi is good for people that can afford it. I can not.
