The Hack Repair Guy
Forum Replies Created
-
Forum: Everything else WordPress
In reply to: HackedLiterally every hacked website situation is unique.
Prevention should involve:
– changing passwords periodically.
– checking computer for malware periodically.
– maintaining an updated blog and plugins (monthly).These simple steps above will reduce your chance of being hacked in future considerably.
Forum: Fixing WordPress
In reply to: Website hacked. User renamed to 'sec-w.com'Just another random hacker / spammer is all. Nothing particularly significant regarding that name.
Forum: Requests and Feedback
In reply to: run wp-cron.php in a timebased wayI wrote an article on this not too long ago as well that’s worked quite well for my clients:
http://hackrepair.com/how-can-i-improve-the-performance-of-my-wordpress-website[If you want suggestions for your website, use the Your WordPress forum]
Forum: Fixing WordPress
In reply to: Website Hacked by Turk hack TeamWell, most of the hacks I’ve seen are either outdated software or stolen password.
Make sure that once you get things back up and running that you harden your FTP password (make it complicated), and change all your email account passwords (VERY important).
Likewise, limit you admin account to once person and ensure that password is complicated as well.
Last but not least, ensure you run some antivirus and malware scans on all your computers.
Forum: Fixing WordPress
In reply to: My site is hacked?Looks to me like your best option is to ask your host to recover your site from last weeks backup.
At least that way you can start to work through solving the actual issue with your, updating plugins, changing passwords, etc.
Forum: Fixing WordPress
In reply to: my site hackedHi,
I know this can get quite technical, but really it’s not that crazy hard to work through.Alright, so your host is saying they believe your FTP password was hacked. So that’s an easy one. Just log into your control panel and change your:
– control panel password
– website FTP password
– password to all email accountsIf not sure how, just call the host and have them walk you through each.
Ok next, with that done it’s time to check your site.
Lots of great free tools out there can help, like the links above, though I always recommend to my clients first ask the host if they have a backup from prior to your being hacked.
If no backup, then you could always start over and use this a lesson to remember to keep a backup of your website at least every few months in future, and/or use one of the many free daily backup plugins to do so.
If you have the ability to hire someone to help a quick search in Google will turn up lots of folks.
Sadly, there is no quick and easy to fix for a hacked website situation. A hacked site will require someone go through every file, clear out the hacks, and ensure all is locked down nicely to help prevent your site from being hacked again.
Forum: Fixing WordPress
In reply to: My wordpress has been hackedIt is possibly you left the username as “admin” and a very simple password set for admin?
What plugins did you have installed?
Was your FTP password likewise set with a complex password?
Have you checked your computer for viruses / malware?
Forum: Fixing WordPress
In reply to: Have I been hacked??Let’s not forget Redleg’s checking page as well:
http://aw-snap.info/file-viewer/Great for checking individual pages as well.
Forum: Fixing WordPress
In reply to: Hacked and Some QuestionsI spend most days helping people clear these types of situations and I can give you some statistics for the cause.
About 60% out of last 100 turn out to be password related compromises (hacked computer, easy password used, etc., traveling abroad, et al).
About 30% due to outdated plugins or WordPress version (“ah, you have WordPress 2.6 installed currently…” doh!).
The rest being web host related or other unknown reasons.
Forum: Fixing WordPress
In reply to: Was my website hacked?Interestingly there is quite a bit of discussion on this in Google, mostly related to Godaddy, going as far back as 3 years.
Example:
http://wordpress.org/support/topic/unexpected-t_variable?replies=30Personally I have a suspicion it’s simply some bad coding in your theme which is contributing to this error.
Plugins may also be responsible, though without actually disabling one a day it would be otherwise impossible to say which one is specific culprit.
Short answer:
Hacking: unlikely
Coding error (somewhere): most likelyForum: Fixing WordPress
In reply to: WordPress hacked – Shows a new theme and new blog! Please helpI agree, pretty scary stuff.
Make sure so change all passwords you can think of to start (ftp, wordpress, all email accounts).Then double check your blog to verify all is updated nicely.
Make sure you have just one admin account setup as well. Set other folks to editor, etc.
Forum: Fixing WordPress
In reply to: WordPress hacked – Shows a new theme and new blog! Please helpMost hacked sites I’ve reviewed with this similar issue were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to recovery.
The tougher part— it’s rare for hackers to not leave back door scripts in place (allowing hacker to re-hack your site again in future). You’ll need to review every file on your website as well to ensure no hacker coding remains.
Sadly it appears you may have gone the slash and burn route already. π
Forum: Fixing WordPress
In reply to: Un-hacked, can't log inIs possible that when hacker hacked your site they changed the email address and password.
See this info discussing how to review and reset:
http://codex.wordpress.org/Resetting_Your_PasswordForum: Fixing WordPress
In reply to: WP 3.5 got hacked !It is more likely some prior hacker left behind a back door script to re-hack your site (and less likely the version of WordPress has a relation to this issue).
So once you get things stable, start by resetting all your hosting and WordPress passwords.
A good start would be delete all inactive themes and plugins as well (to eliminate any potential entry points in those scripts).
Forum: Fixing WordPress
In reply to: Hello and My Website Was Hacked!Most hacked sites I’ve worked on were hacked due to outdated plugins or scripts. Updating the scripts and removing old ones being the first step to clearing up the hacker coding.
The tougher partβ it’s rare for hackers to not leave back door scripts in place (allowing hacker to re-hack your site again in future). Make sure to likewise review every file on your website as well to ensure no hacker coding remains.