Our Wordpress Site Has Been Hacked

[bapak]

Our WordPress site has been hacked.... and our original designer has disappeared.

Any budget minded Guru available to assist?

See: www.gostudyaustralia.co.th

[bangkockney]

You have your FTP and mySQL details right?

And a DB backup?

[manarak]

You have your FTP and mySQL details right?

And a DB backup?

as bangkockney said, the above is necessary, as well as a backup of the files themselves if the site was using modified files or a custom theme.

administration panel and/or SSH login details would also be useful.

[Somtamnication]

Those sql injections can be pure evil. Did you update to the latest wp?

PM me if you need assistance. I work on wp, but not 100% guru like other 12 year olds . I have a few wp sites online.

[manarak]

Those sql injections can be pure evil. Did you update to the latest wp?

PM me if you need assistance. I work on wp, but not 100% guru like other 12 year olds . I have a few wp sites online.

at least SQL injections are easy to fix and fend off!

ftp password spying is more common these days

[bapak]

You have your FTP and mySQL details right?

And a DB backup?

Have all the original accessible from the server. Latest WP has been installed. I had no involvement in the setting up of this site and designer cannot be located. Believe I can FTP.

[Sydneycraig]

See if your host can restore is first step ... Then if so change all passwords and make sure everything is up to date.

[bapak]

See if your host can restore is first step ... Then if so change all passwords and make sure everything is up to date.

Had server delete account and then restored from a backup of 1 month ago. Situation remains the same.

[huahinjoe]

Yeah to restore the backup would be a quick solution but if you dont have it just export the content, import to a new WP installation and install new theme.

[innerspace]

I can help fix if needed but not tonight. If still problems send me a message and with the access details can sort the issue tomorrow.

Host lots of wordpress sites and maintain around 20 web servers, this is all second nature.

[BlackPuddingBertha]

Latest WP has been installed.

I dont think so:

meta name="generator" content="WordPress 3.3.1"

I cant see anything very serious with this. Just delete the content of the hacked page from the back-end, point the front page to whatever it used to be and do all the updates that Wordpress warns you about so clearly (how come people cant see these?). Then see what happens.

Signed: your friendly neighbourhood 12 year old.

[manarak]

See if your host can restore is first step ... Then if so change all passwords and make sure everything is up to date.

Had server delete account and then restored from a backup of 1 month ago. Situation remains the same.

Then you've got something installed that has known vulnerabilities.

Deactivate any third party plugins and custom code.

[ITGabs]

I am a ninja wordpress with some magic skills

[dumpling]

Deactivate until they have resolved the issue with the hack that has occurred, once it has been sorted reactivate.

[Thailand]

http://www.bbc.co.uk/news/technology-22152296

[Farma]

This is part of an email I received from my web host today.

There is currently a global, distributed effort to attack WordPress
websites with low quality administrator passwords. This attack is highly
organised, using over 90,000 IP addresses in an attempt to guess the
administrator password for WordPress sites, and the attacks are
affecting web hosts right around the world. xxxxxx is deploying
a series of counter-measures to help protect our customers against
these attacks. However, due to the nature of the attacks, the best
course of action is for customers to ensure their WordPress sites are up
to date, have strong admin passwords and incorporate some additional
form of security to protect their site's admin section.

As the first important step in protecting your site, we encourage you
to ensure your WordPress admin password is one that conforms to the
strong password guidelines provided by WordPress.