The Hack Repair Guy
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Phishing WarningWhen I go to your site I see this unexpected Hosting company promotion.
You doing this purposely?
Pic: http://goo.gl/m4HihGAnd likewise, I see that the bitdefender website is marking you as a phishing site.
I would go to them and work to clear your reputation with them to start: http://trafficlight.bitdefender.com/info?url=Forum: Hacks
In reply to: Cannot Log into Admin Panel site hacked all-open-24Ok, so try this first.
Log into your File Manager or via FTP, and rename your .htaccess file.Does that allow you access?
Forum: Hacks
In reply to: I am getting hacked evry two weeks? Help pleaseThis is totally fixable.
Someone just need to work through the upgrade of all scripts, change all related passwords and other recommended tips above.If you are not able to do so, have someone who is more expert in WordPress review your files and work to remove the malicious ones.
Unlike your home PC, there is no quick “virus removal script” or fix for this sort of situation. Someone will need to manually review all files respectively.
Forum: Hacks
In reply to: Site Hacked – Fixed but cannot share on Social MediaI’ve seen this before as well. This is likely caching. My experience has been that Facebook does not always pull from your website direct, but pulls from a cached copy and possibly even Google search.
That said, this usually clears within a few days. So if you are sure your site is no longer harboring this sort of stuff, then it’s just a waiting game for Facebook to update their “cached” copy of your site. Check periodically.
Forum: Fixing WordPress
In reply to: Site hacked?Yes, you should assume your site is compromised.
Next, I recommend you log in and look at your “Users” list to see if any other accounts exist (which you did not add personally).
Then make sure to reset both your Admin users passwords (in WordPress)
and likewise the email address password (at your email service provider) you set in WordPress.Report back here regarding what you find.
Hi,
Wordfence is an awesome tool for checking your site, though it has it’s limits. Though the plugin may find “some” exploitation scripts, it likely will not locate all.You really need to dig in on your own and work through the list above and spend some time reviewing your site files for “files out of place.”
1.
Change all WordPress related passwords, including your email account password.2.
Ask your host to run a full malware scan on your site to help you ID those scripts sending junk email and the like.3.
Invest in some good monitoring once all back in place, like Sucuri, HackGuard dot com, CodeGuard, 6Scan, or other site monitor services. Most are $10 or fewer a month and well worth the price of admission for a few months.Forum: Fixing WordPress
In reply to: Website possibly hacked?Someone most definitely added that upload snippet to your page.
If I were in your situation, I would go back and find the original theme files, remove the existing theme and replace from my virgin backup.
Changing all related passwords would not hurt either.
Forum: Fixing WordPress
In reply to: I think i got hackedHi,
Yes, sadly, your site has been compromised.At a minimum you’ll need to work through the process of reinstalling your WordPress core files, along with a good cleaning of your theme (install theme from an older backup if you have one).
May be worthwhile for you to likewise run though and do a thorough review, changing passwords, at host, your email account passwords, WP passwords, etc.
Forum: Hacks
In reply to: Posts been added to live with no knowledge to usersIt’s still very possible a hacker has placed a script on your site, which they are using to inject their junk posts.
To start, I recommend reviewing the different files on your site via FTP to see if you see anything out of place php script wise.
Forum: Fixing WordPress
In reply to: Site Hacked byNicely answered rngdmstr. Kudos!
Forum: Fixing WordPress
In reply to: How to Remove Malware Hack of SEO Spam links in HeaderYes, sadly, there is no quick fix.
Below are a few of the steps I recommend in recovering from a compromised site situation.
– Convince your host to recover to an older version with the hacks.
– Or, contact an expert to clean your site of malicious code.
– Once recovered make sure all is updated to latest versions.
– Change all web site related passwords.
– Install security plugins, and research methods to better secure your site.
– Contact Google once all is clear and submit a “request for review” if needed.
– Contact Google and see the “Fetch as Google” option within your Google Webmaster./var/www/html/wp-content/backup-ba63c/wordpress_wp_20140729_615.sql
is a backup, so just delete it and you’ll be fine.Likewise, .sql indicates file is just a text file and is not executable, so it’s not a threat in this case.
Yes, it is suspicious that you have that giberish in one of your posts or pages. Have you tried going to both posts and pages and typing that text in the search box?
Forum: Fixing WordPress
In reply to: Sites showing only index listingGenerally speaking, files can’t be deleted unless someone manually deletes them. That some but now all were deleted is somewhat scary.
Yes, I do recommend you restore from the WordPress repository dowload, and then be sure to change your WordPress Admin(s) and FTP passwords as well.
Forum: Fixing WordPress
In reply to: Sites showing only index listingCheck directory for the “index.php” script.
Uploading that file back into your directory should resolve the issue.Forum: Fixing WordPress
In reply to: Website DisappearedHi,
Bluehost does have a recovery option that usually goes back a week or so.
Recommend discussing the backup recovery options with them next.