Jump to content
All visa questions and fresh Immigration updates here ×

Our Wordpress Site Has Been Hacked

bapak

By bapak
in IT and Computers

 Share

Recommended Posts

manarak Ruby Member

manarak

Posted
Posted

You have your FTP and mySQL details right?

And a DB backup?

as bangkockney said, the above is necessary, as well as a backup of the files themselves if the site was using modified files or a custom theme.

administration panel and/or SSH login details would also be useful.

Link to comment
Share on other sites
manarak Ruby Member

manarak

Posted
Posted

Those sql injections can be pure evil. Did you update to the latest wp?

PM me if you need assistance. I work on wp, but not 100% guru like other 12 year olds . I have a few wp sites online.

at least SQL injections are easy to fix and fend off!

ftp password spying is more common these days

Link to comment
Share on other sites
bapak Silver Member

bapak

Posted
  • Author
Posted

You have your FTP and mySQL details right?

And a DB backup?

Have all the original accessible from the server. Latest WP has been installed. I had no involvement in the setting up of this site and designer cannot be located. Believe I can FTP.

Link to comment
Share on other sites
bapak Silver Member

bapak

Posted
  • Author
Posted

See if your host can restore is first step ... Then if so change all passwords and make sure everything is up to date.

Had server delete account and then restored from a backup of 1 month ago. Situation remains the same.

Link to comment
Share on other sites
BlackPuddingBertha Gold Member

BlackPuddingBertha

Posted
Posted

Latest WP has been installed.

I dont think so:

meta name="generator" content="WordPress 3.3.1"

I cant see anything very serious with this. Just delete the content of the hacked page from the back-end, point the front page to whatever it used to be and do all the updates that Wordpress warns you about so clearly (how come people cant see these?). Then see what happens.

Signed: your friendly neighbourhood 12 year old.

Link to comment
Share on other sites
manarak Ruby Member

manarak

Posted
Posted (edited)

See if your host can restore is first step ... Then if so change all passwords and make sure everything is up to date.

Had server delete account and then restored from a backup of 1 month ago. Situation remains the same.
Then you've got something installed that has known vulnerabilities.

Deactivate any third party plugins and custom code.

Edited by manarak
Link to comment
Share on other sites
Farma Platinum Member

Farma

Posted
Posted

This is part of an email I received from my web host today.


There is currently a global, distributed effort to attack WordPress
websites with low quality administrator passwords. This attack is highly
organised, using over 90,000 IP addresses in an attempt to guess the
administrator password for WordPress sites, and the attacks are
affecting web hosts right around the world. xxxxxx is deploying
a series of counter-measures to help protect our customers against
these attacks. However, due to the nature of the attacks, the best
course of action is for customers to ensure their WordPress sites are up
to date, have strong admin passwords and incorporate some additional
form of security to protect their site's admin section.


As the first important step in protecting your site, we encourage you
to ensure your WordPress admin password is one that conforms to the
strong password guidelines provided by WordPress.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...