Support » Fixing WordPress » WordPress hacked!


    How or where is this hacked?

    I’ve looked through my header.php, footer.php, etc and couldn’t find anything anywhere. I’m no coder so I’m way out of my league here.

    I kindly ask that someone with more coding knowledge than I look at my site and possibly determine how to fix it.

    I’ve been submitted to Google as a “suspected attack site”

    I’ve re-upgraded my wordpress 2.8.1
    I’ve deleted and re-installed my theme…
    So far still an attack site… bad news.

    Please help if you can.

    I’ve been here already:

    Doesn’t help me much.

    Thank you.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Christine Rondeau


    Volunteer Forum Moderator

    In the past, I found stuff from hackers in my index.php file, but it was just a bunch of links to porn sites. I’ve never seen anything like this before. Have you ask your hosting company?

    Maybe try deleting the whole wordPress installation and re-installing it?

    Maybe download your database and see if there is anything in there?

    Sorry to be of no more help than this, but would love to hear what caused it if you find out.

    I’ll keep this thread updated with what I find. Forums are better when two-way anyway.

    I’ve replaced my index.php
    The problem now is that even if I’ve removed the malware… I’m having trouble getting “un-blacklisted” from google.

    We’ll see what happens. :/


    To do this prevent this happen next time:

    -> WordPress is an open source so upgrade your blog at regular intervals
    -> upgrade plugins to the latest version and only use those plugins which are compatible with the wordpress version.
    -> Do not install vulnerable script into your domain/blog which can lead to hack the code of your blog.
    -> Always update your control panel password at regular intervals and set it with high strength.

    Now, restore your blog and reset the details…


    Shane G.

    I too have been hacked! yesterday I noticed I could not login to my host’s cpanel, and then noticed all 4 of my domains were listed as attack sites. My host emailed me saying my sites were suspended due to terms of use breach.

    Today they emailed me saying it was wordpress that was hacked. I was using 2.8.1 I see now there is an upgrade to 2.8.2… kinda late guys. lol.

    So I too am hoping once I resolve this, get my domains unsuspended, and reinstall everything, that my sites are no longer listed as attack sites.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘WordPress hacked!’ is closed to new replies.