The Hack Repair Guy
Forum Replies Created
-
Forum: Everything else WordPress
In reply to: Hacked now what? … Host Papa or not….If your database was not hacked (which is unlikely given the hacks I’ve been seeing at HP), then you are probably fine.
Moving to a new host, as long as your cpanel or FTP login works, should allow new host to move your data nicely. If host has any proficiently with WordPress the move is generally quite straightforward.
I would first install the same version of WP at new host, then export db from HP using phymyadmin, and import into new host using phymyadmin. Then it’s just a matter of changing the wp-config.php to the new hosts settings and all should be back to normal.
Now, in some cases I’ve seen hacker has actually replaced a theme file like 404.php or header.php with their hacker coding. In these cases I’ve just hunted down the original theme in Google, then copied the php coding from the original theme into the hacked file. That fixed client’s website nicely.
Really, it’s not that complicated for anyone with a general understanding of WordPress.
There are a few hosts out there that have no qualms in transferring all files and db to get your site running with their new service.
See my notes above for Google queries to find the good security and customer service minded hosts.
Forum: Everything else WordPress
In reply to: Hacked now what? … Host Papa or not….Moving to a new host is not terribly stressful.
The better hosts will move your site for you free of charge within a an hour or two of your request.Before you switch make sure to move to a web host who boasts about security on their home page, instead of blue eyes girls grinning back at you.
Search in Google for web host with phrases on their home page like:
free daily malware scanning
pci compliance
secure WordPress hostingA search for these should get you going in the right direction.
Forum: Fixing WordPress
In reply to: Hacked – Looking for suggestions!Replacing the theme or plugins may not be enough. Sadly, nowadays it’s rare for hackers to not leave back door scripts in place (allowing hacker to hack your site again in future).
For this reason, you’ll need to review every PHP file on your website respectively to ensure none are out of place or were installed by hacker as well.
Forum: Fixing WordPress
In reply to: I've been hacked!I recommend you ask your host to recover your website from last weeks backup. That should get you back up and running.
Once you are back up then consider updating all, and changing all passwords, including all of your affiliated email passwords.
Forum: Fixing WordPress
In reply to: Hacked AGAIN!You are apparently missing something after the rebuild of your site.
May be time to hire and expert to finish the job.Hackers are good at hiding back door scripts, which enable them to re-hack your site on a whim. It’s more likely your re-installation still harbors back door scripts or even outdated scripts of another sort. An expert would go through your site with a proverbial fine tooth comb and end your pain in a single day.
Forum: Fixing WordPress
In reply to: hacked by hackerThe solution is fairly simple.
1. Ask host to recover your site back to last weeks backup.
Recovery will solve the problem nearly instantly.2. Then once recovered make sure to change all passwords, including your email passwords, then further lock down your site (I discuss most of this on my site).
3. If host does not have a backup to recover too, then move out as soon a possible to a more secure web host who offers daily malware scanning and weekly backups (this is your real long term solution).
Suffice it to say, Website security = backups + security focused web host
All of this these situations described above can be easily managed when you host through a web host who discusses security on their home page (as opposed to a blue eyed blondes grinning back at you…<hint>).Forum: Fixing WordPress
In reply to: hacked by hackerRight, though 20 twitter posts in a week doesn’t exactly describe an incoming WordPress apocalypse…
Forum: Fixing WordPress
In reply to: hacked by hackerSites I’ve seen so far with this type hack have had installed:
contact form 7So far the contact form 7 plugin has been the only common denominator I’ve seen in the sites I’ve fixed this past week. However, this is totally speculative, given how popular this plugin is, it’s more likely just a coincidence.
Forum: Fixing WordPress
In reply to: hacked by hackerI’m only hearing one hosts name so far being mass hacked.
If someone has specific details on another host mass hacked please post the details.
Seems to be a rash of anecdotal comments and I’m not seeing any indication of some zero day vulnerability in the wild. I’m seeing no where near the traffic I would expect to see in the hacker forums if there were the case; and number of hacking reports don’t appear to have spiked this week at all.
Forum: Fixing WordPress
In reply to: WordPress hacked.Sounds like may be time to bring in an expert to resolve this one for good.
Forum: Fixing WordPress
In reply to: WordPress hacked.Unlikely has anything to do with your provider. More likely hacker has installed some back door scripts within your site, allowing them to re-hack you anytime they wish.
You’ll need to have someone review “every” file on your website respectively to ensure none are out of place or were installed by hacker.
Forum: Fixing WordPress
In reply to: Is my website hacked?This does point to your website being hacked.
This is not a legitimate file for example:
wp-includes/js/tinymce/plugins/inlinepopups/skins/clearlooks2/img/537.phpUse your hosts file manager to look at the file 537.php to verify.
Forum: Fixing WordPress
In reply to: Protecting against being hackedThis link may help in regard to bad bots protection:
http://hackrepair.com/how-to-block-bots-from-seeing-your-website-bad-bots-and-drive-by-hacks-explainedThis link has a number of tips:
http://hackrepair.com/hackrepair-com-security-tips-and-hack-notesForum: Plugins
In reply to: [BulletProof Security] bulletproof-security.0.47.5 not workingFew web hosts do malware scanning and certainly there are quite a few who are not commenting on the issue or would not think to comment here…
I imagine there will be quite a few accounts out in the world who will wake up in the morning with there sites suspended as a result (and not to happy at BPS I imagine).
Though you should applaud those hosts who do actively monitor for malware, and make amends where possible IMHO.
Was hoping you could provide here what’s changed within the .htaccess settings for BPS in the past week.
That would make the “what” a lot easier to figure out.