The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

WordPress posts have been hacked but not pages (5 posts)

  1. natbot
    Posted 3 years ago #


    I'm running a WordPress site. It's been hacked.

    I've managed to get site up and running. The 'pages' are fine. But the blog 'posts' are not.

    When a blog post is added in the backend, you can see it's been created. However, when you view the post in the browser. It has the right url however the page is a hackers page within my website.

    I've updated the Core files, however, this hasn't fixed the problem. Could it be my MySql database that's been affected?

    Any advice on how to resolve is most appreciated!

  2. Krishna
    Posted 3 years ago #

  3. natbot
    Posted 3 years ago #

    Hi Krishna, thanks for the reply.

    I have got rid of the hack, they're not reentering the site.

    The problem is that when a post is added it redirects to a page that has been added to my server somewhere. So I need to find how this is going to that page instead of displaying my post article.

    I am confident they're not in the site anymore but did this when they first entered and now I cannot publish posts properly.

    I'm hoping to fix this without having to reinstall everything.

  4. bcworkz
    Posted 3 years ago #

    This redirect is possibly due to a hacked .htaccess file. Finding a malicious entry is easiest if you have a pre-hack version to diff against. Otherwise, some understanding of rewrite directives is needed. If this is the cause of the redirect, the rewrite rule will tell you where the hacker page is residing so it can be easily disposed of.

    If that doesn't work, you'll have to at least reinstall the WP core and plugins and theme from fresh downloads after erasing all files except your contents folder and your wp-config.php and .htaccess files. This has no effect on your blog contents and settings residing in the DB. If all modifications were done cleanly, this should be completely painless, just unzipping and uploading a lot of files. Review the contents folder, for most people there should only be image files here. Compare your wp-config.php against the sample version, looking for any unusual code that does not belong.

  5. Krishna
    Posted 3 years ago #

    A hacked site cannot be restored with simple fixes, unless you want to leave back doors allowing hackers walk in straight away. Though simple fixes may make the infected sites look alright, it is only a matter of time before the hacker strikes again.

    Hence, it is strongly recommended that you read and understand the above quoted resources, and work according to the instructions contained in them. Anything less will bring in more pain.

Topic Closed

This topic has been closed to new replies.

About this Topic