benners

I did more digging and discovered that this error message popped up because I was the victim of a brute force attack (I think, based on my web analytics data), and had to completely wipe out my site because I couldn’t find a better solution without paying someone to do a deep dive into the issue.

My site was still running, but very slowly, using a ton of resources. That’s why it took me a few weeks to figure it out (this is a hobby site, not a work site). The problem that I described above also prevented me from installing the necessary plugins to scan and clean my WordPress install. As it turns out, my entire FTP access was compromised and a bunch of spammy/pornographic content had been placed directly on my server unbeknownst to me. The .htaccess file had a bunch of sketchy stuff on there that I definitely had not put there myself.

In summary, it was not a good situation. I had to wipe everything out, reinstall, import my wp-content folder, change all of my passwords to WordPress and FTP, switch to SFTP, install Wordfence, and now a few months later I am back up and running. Good times!

Hope this helps anyone who suffered a similar fate. I am not a web security expert so forgive me if any of my technical analysis is not 100% accurate, this is my best guess.

-b