The Hack Repair Guy
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: site hackedIf you still cannot log into your admin then I agree it does sound like there is a problem with your theme.
Any possibility you can download a copy of the theme from original theme site then FTP upload the files on top of these within your theme directory?
Since you’ve now overwrote the core files, then in theory if you overwrite your theme files you should be able to once again log into your admin.
Forum: Fixing WordPress
In reply to: site hackedHi,
Someone has damaged some of your WordPress files it appears, so do the following:1. Note the version of WordPress you are running.
2. Download the “virgin” copy of your current version form here:
https://wordpress.org/download/3. Extract the backup, then upload just the wp-admin, wp-includes and all of the files in the main directory over your current installation, like my picture shows here:
http://tvcnet.net/images/tutorials/2012-03-13_0906.pngI believe that should do the trick. 🙂
Forum: Fixing WordPress
In reply to: Has my WordPress been hacked?Once you have cleared the hacks from your website you’ll need to submit a Google Review request to clear your reputation within Google, https://support.google.com/webmasters/bin/answer.py?hl=en&answer=168328
Unmask Parasites is another useful for checking to see what hacks may reside on your page, http://www.unmaskparasites.com/
Forum: Fixing WordPress
In reply to: WordPress hacked files to delete or update when you've been hackedHi,
If I recommend a host the staff here at WordPress will yell a me.
You could Google my username. 🙂Forum: Fixing WordPress
In reply to: was I hacked? or was this from a plugin? see code pleaseYour site was most likely hacked due to an outdated something (theme, plugin or main site).
Install this plugin to verify if it the hack was due to the Timthumb exploit (which has been around since Aug 2011).
Timthumb Vulnerability ScannerForum: Fixing WordPress
In reply to: WordPress hacked files to delete or update when you've been hackedThese so called unlimited hosting plans are disasters waiting to happen.
I recommend to my client to never maintain more than three sites within one of these shared directory type hosting accounts.
So many people have been burned due to not being educated as to how severe a security risk this type of “open bay,” hack-one-to-hack-them-all” type hosting accounts can be.
If you are a professional web designer and think you are saving money by using “open bay” hosting plans, hopefully you’ve just learned your lesson (that saving a few bucks on web hosting can literally destroy ones web design business overnight).
Hackers love “dorm room” type hosting accounts because it’s so easy to tell their friends, “hey, look I just hacked 40 websites,” when all the script kiddy did was hack a person’s website who thought he was being smart in placing all of his 40 clients websites on a 5 buck a month hosting account.
If you are hosting through a Mc’Hosting open bay style hosting company you are basically placing your site in the cross hairs of hackers looking for an easy target.
Forum: Fixing WordPress
In reply to: Hacked WebsiteHi,
First step is to call you host and get them to revert your site to last weeks backup, If they don’t have a last weeks backup that’s pretty weak (and I recommend you find a new host in future that does).That said, if your host is unresponsive and disinterested and can’t revert back to a prior backup then you may need to hire a professional to go through and remove all the hacked code.
Forum: Fixing WordPress
In reply to: WordPress hacked files to delete or update when you've been hackedOne of the better descriptions of this hack may be found here, along with some general advice as well:
http://domesticenthusiast.blogspot.com/2012/03/dyslexic-mayans-want-to-sell-you-cialis.htmlForum: Fixing WordPress
In reply to: Site HackedHi,
Is your site still showing as hacked now, or do you feel you’ve managed to get the situation under control?Forum: Fixing WordPress
In reply to: Hacked Worppress sitesESMI Add:
http://www.unmaskparasites.com/Forum: Fixing WordPress
In reply to: Hacked again..need to freeze site nowHi,
Change your Secret Keys, https://codex.wordpress.org/Editing_wp-config.php#Security_Keys within wp-config.php may help in this regard.
Also consider the User Locker plugin.Forum: Fixing WordPress
In reply to: Hacked by iedla63wyers.rr.nuYou appear to be one of many in this regard, http://discussion.dreamhost.com/thread-134262-page-4.html
Forum: Fixing WordPress
In reply to: Hacked by dr-mtmrdHi,
Sadly, most of the people I’ve been hired to fix their hacked wordpress blogs were hacked due to outdated WordPress or plugins or outdated themes installed.Hackers are then taking advantage of the situation to inject their hacker back door scripts.
Suffice it to say, if you aren’t checking your blog at least monthly and/or not keeping your blog updated weekly / monthly it’s likely you’ll be hacked.
Your best course of action is first contact your host and get them to recover your website from backup. Once you have a clean copy in place then run (don’t walk) in making sure all your stuff is updated, all user/passwords changed, etc.
Forum: Fixing WordPress
In reply to: Can someone please help! I have been hacked…Hi,
I’ve written some notes on plugins to try as well to help reduce the likelihood of your being hacked, http://hackrepair.com/blog/hackrepair-com-security-tips-and-hack-notesMonitoring is key in preventing hacks from getting out of control.
Also, there still appears to be a lot of websites with the old Timthumb vulnerably, so add this plugin then check your blog, Timthumb Vulnerability Scanner
Once you run the scanner and it shows you are good then go ahead and delete it (as it’s done it’s duty).
Forum: Fixing WordPress
In reply to: WordPress 3.3.1 hackedYes, looking good.
