medusa_g
Forum Replies Created
-
Forum: Everything else WordPress
In reply to: Security Concern – Hacked WebsiteI had an extensive look through the WordPress database, folders and files etc… paying particular attention to certain db tables and files mentioned in the resources above and others I have come across throughout my research. Despite this, I haven’t noticed anything strange or suspicious. I also tried the suggested site scanners (http://sitecheck.sucuri.net/scanner/ and http://www.unmaskparasites.com/), which also haven’t turned up anything.
Something I am still not sure about is that the error_log on the server shows numerous MySQL connection errors to wp-db.php (as mentioned in my first post). I couldn’t really find any info on what the file does or is for, or if it could lead to finding out what went wrong.
My client is changing hosts very soon, so I haven’t restored the site as yet. For now I have put a HTML temp page up and deleted all WordPress files on the server). At this point, I am thinking it might be best to start afresh (clean install, restoring clean/pre-hacked local backups etc…) on the new server and follow these tips/suggestions http://codex.wordpress.org/Hardening_WordPress.
Forum: Everything else WordPress
In reply to: Security Concern – Hacked WebsiteThanks for the info.
I’ll have a good look through the resources to see if I can turn up anything or missed something the first time around, but I am sure they are the same ones I went through the first time the site was hacked into. Admittedly, I didn’t follow them all to a T and figured it was probably best to delete everything WordPress related from the server and start afresh. Either I was very mistaken, or there’s a lot more to it than that.
Forum: Everything else WordPress
In reply to: Security Concern – Hacked WebsiteYes, I did come across http://codex.wordpress.org/Resetting_Your_Password whilst researching the problem, although I haven’t tried changing the password yet. I’m pretty sure that regaining access won’t stop the login details (or anything else) being changed again soon, which is why I am being so adamant about finding out exactly what happened if possible.
In the meantime I had uploaded a maintenance.php page, which was later rendered useless also. I now have an index.htm temp page up instead and that seems to be doing the job for now.
Forum: Everything else WordPress
In reply to: Security Concern – Hacked Website@esmi, I’ll rephrase that. It seems that the username and password have either been changed or have been rendered useless. ‘admin’ is a recognised username (this might always be the case, I’m not sure), but it isn’t the one I used in the initial WordPress setup. I’ve tried the password with both usernames numerous times, but kept getting error messages. There is only the one user account and I am the only person (or at least I thought I was) with the login details.
Forum: Everything else WordPress
In reply to: Security Concern – Hacked WebsiteThanks for the suggestion jonpedlow.
I checked the wp_users table of the WordPress database in phpmyadmin (as explained above) and my username and password were non existent. They were overwritten/replaced by username: admin password: long bunch of random characters.
As for the host, they are the least helpful hosting company I have ever dealt with. In short, they refuse to look into it or admit whether or not it’s a problem at their end. I don’t think changing hosts at this point will resolve the issue, but I am going to strongly suggest my client changes hosts asap once it is sorted.
Forum: Everything else WordPress
In reply to: Security Concern – Hacked WebsiteForgot to mention that I was using WordPress version 3.4 when the first incident occurred, then version 3.4.2 the second time.