The Hack Repair Guy
Forum Replies Created
-
Without actually logging in and looking at logs I would say it’s more likely a password issue than a plugin issue.
(no manner of security plugin will stop a hacker if hacker figures out your password)
The type of hack on your site atm is almost always done through a stolen FTP password (in my experience).
That said, your best course of action is first contact your host and get them to recover your website from backup. Once you have a clean copy in place then run (don’t walk) in making sure all your stuff is updated, all user/passwords changed, etc.
I would next log in via FTP or File Manager and for the moment delete that particular plugin directory.
Did you try the above yet?
Seems unlikely the plugin hacked your site. Though security plugins can conflict with other plugins, etc. It’s quite common actually and easily remedied.
I would next log in via FTP or File Manager and for the moment delete that particular plugin directory.
I would not give up hope on this plugin either. It’s quite beneficial once you figure out how to set it up appropriately for your site.
Forum: Fixing WordPress
In reply to: WordPress hacked with a strange file hidden in the includes folderA fairly common event nowadays, particularly when a website has been left outdated version or plugin wise.
Make sure to likewise change every password you can find, as well as complete updates on everything within your website account space.
Forum: Fixing WordPress
In reply to: Website HackedTrue. Customer service and security isn’t really their forte. But they do nice super bowl commercials.
Forum: Fixing WordPress
In reply to: Website HackedCurious to hear how this worked out for you.
Forum: Fixing WordPress
In reply to: Latest stable release of WordPress (3.3.1) can be easily hacked?That was helpful though for those who do not know hot to translate, install this plugin within Firefox, “Translate this”
Then see the pages mentioned above. Is quite informative actually. Plus 1.
There is no automated way to find the hacker code. Someone will need to roll up their sleeves and put their sherlock cap on to find and remove the malware if any remain.
I worked on a similar issue this past week and were a few hidden back door scripts that caused the bad content in Google, as well as modifications to the .htaccess files in different directories.
You’ll need to clear all these up, then submit a reconsideration request to Google (which takes from 4-10 days to clear up usually). See, http://support.google.com/webmasters/bin/answer.py?hl=en&answer=35843
Forum: Fixing WordPress
In reply to: Website HackedFirst of all, like to say that your host has shown their true colors. Time to bail on that outfit.
Next, ask them if they have backups from last week. If not, another reason to leave and if they require you to pay for a backup- another reason to get out of that place asap.
Since they’ve suspended your site, it’s now twice as hard for you to fix the issue sadly. You’ll need to find someone to go through every file within your website, hunt down those hacker scripts and remove them, then have that person better lock down your WP installation (latest version, change passwords, etc.).
Best of luck on this one. Very sad to see web hosts like this are still in business.
Forum: Plugins
In reply to: Website hacked by russians!Since your site has been hacked your best course of action is first contact your host and get them to recover your website from backup.
Once you have a clean copy in place then run (don’t walk) in making sure all your stuff is updated, all user/passwords changed, etc.
If your host it totally non-cooperative or their idea of backups is “we got none” or “all we have are last nights backup” then similarly run (don’t walk) to get another web host since yours has grossly failed you.
Your next step is to remove all the hacked pages and any lingering back door scripts. There is no magic bullet or quick and simple way to do this. Someone will need to roll up their sleeves and dive in…
Forum: Fixing WordPress
In reply to: Website Was Hacked – WordPress not workingI see this is still ongoing sadly. It’s crazy that people do this, though you have some options.
1. Contact your web host.
If your web host maintains daily and weekly backups, hopefully they will be able to recover your website from prior to this event.Once they do so, you’ll want to make sure all of your passwords are
changed and likewise ensure all scripts on your site are updated.2. Web host has no backups.
Ok, so your web host has no backups. If this is the case, you’ll need to log into your website via FTP and start looking around for newly dated files, then work to remove any hacker code you find in them.In summary, there’s really not much we can do here in the forum.
Someone will need to log in and remove all the hacked pages and any
lingering back door scripts. There is no magic bullet or quick and simple way to do this.Forum: Fixing WordPress
In reply to: Site Hacked 3 timesNumber 1: time to change your host
Number 2: time to hire a profession to end your nightmare in a single day.Forum: Hacks
In reply to: HACKED and can't sign onFTP to your website and delete the specific plugin folder within your /wp-content/plugins folder. That will eliminate the script conflict.
There is an issue using the Better WP Security plugin with InfiniteWP. Performing remote plugin / theme / core updates with InfiniteWP will fail with an error: ‘An unknown error occured.’
To resolve this, ensure under the ‘System Tweaks’ page of Better WP Security, ensure the three checkboxes under ‘Dashboard Tweaks’ are _NOT_ selected. These three checkboxes stop users from seeing information about theme / plugin / core updates if they don’t have rights to do updates within WordPress. For some reason the InfiniteWP client is affected by these, and will not do remote updating if these are enabled.
Disable them, and it all works fine. This shouldn’t be an issue for most people, as those features in Better WP Security were designed for multi-site installations. It does leave a ‘red’ unsecure option under the Better WP Security dashboard, which will annoy perfectionists, but it should not be a security concern.