That's a bummer I've been using BulletProof Security Pro (not an affiliate) which in my opinion is the best security plugin available. They also have a free version.

That definitely sucks, I feel for you. Another reason why I've been more than happy with WiredTree as my provider. Fully managed server, with daily/weekly/monthly backups.

Hate seeing these types of threads, you MUST backup your work people!

But how can they hack this much 7000 + websites? I found it by searching with the text they post on my front page. For my other sites I use loginlock plugin after it was hacked a year ago. No threat till now. This one is new and I did not bothered about security until it hit me hard.

But whatever we do I think these guys will get arround some way so backing up your files is the ultimate solution I beleive.

Anytime you read something like this, it's a reminder to go back up your stuff if you haven't already. Like.. do it now. Do it yesterday.

This kind of experience can be a real PITA, and it's happened to me on more than one occasion.

If you're on shared hosting, a lot of times this can occur when someone gets onto the server via a weakness in another hosting account, and then goes on to infect every website hosted there.

In addition to backing up your files on the server, you should also download the backup to your computer's hard drive, and burn the entire archive onto CD or DVD occasionally. That way, if you've backed up a rogue bit of code you can go through and find a 'clean' backup.

Also, I've found it useful to check the php scripts on my server every once in a while. Take a look at the Latest Visitors or Raw Access logs in Cpanel and look for a php script that seems like it's being run remotely. That could be a sign of trouble.

You should, of course, make sure you don't have any files with the CHMOD 777 as this is a back door to hackers.

Make your hosting provider aware that you've been hacked, ask them to look into it, and to check other accounts on the server. It's important that they find where the hacker is getting in, otherwise it will keep happening again and again regardless of what you do yourself – especially as your hacker sounds both prolific and an expert.

If your hosting company can't (or won't) help, the best thing to do is to take your business elsewhere and rebuild your site from scratch. A real nuisance, I know, but the only sure fire way to stop it happening again as the hackers may still target your domain.

Awhile back I had a site that was new with only a few posts get hacked. There was honestly nothing of value even on there yet...what's the purpose of something like that?

but some scripts require that for them to run

That stinks! Do hackers have something to gain by hacking a site? What I really do not understand are those whom send out computer viruses, they have nothing to gain and don't even know who's computers they messed up. HMM?:confused:

Is there a Wordpress plugin that will automatically backup your site at a scheduled time every day?

Well, these kind of guy will give your email back if you give him some bucks, he obviously gave his email for this purpose, so you can contact him: riquelli666@gmail.com
My friend 's got hacked too, so many victims these days, they can't do nothing about it. Based on short Google search, I am quite sure Joomla based website is more vulnerable against this type of attack. Watch out guys.

Hopefully your host can help you

Another reminder to always backup your site.

@awledd This hack usually defaced your wp-config.php but your files
and database are still intact so you can repair by creating a new wp-config.php

How well was your website doing before it got hacked? Just want to know that if hackers actually hack sites even if they not making money at all(which is my site)

your webhost offer daily backup ?

I had 2 sites hacked and buying security is a must(lesson learned).

Funny thing is when they hacked the sites they offer to fix it for money lol. I wonder how many ppl fall for that ?

What's the motive of these hackers. I think they have a random program that does the hacking business for them. Coming to think of it most of the sites that get hacked are of little value.

Still the best thing to do is back up the files... just being cautious.

You need to protect your website mate !

Well, there the backups come handy.
You know, if you were using WordPress, you could have used some free plugins to get your blog backed up on a regular basis.

Most probably exploited a loop whole in something that all the sites had in common. What host are you using?

Don't just solve it own your own let your hosting provider know about it too , in case if they need to fix somethings to avoid it repeating in the future.

I know exactly how you feel. It has happened to me in the past. Contact your hosting provider and see if they have a backup prior to your site being hacked.
I use WP twin now. Good luck.

The site is rather kind of new (not much article in it) They deleted important data and I have to start all over again. I didn't want to go through hosting b/c the articles and treaffic is almost insignificant.

It is a problem these days - hackers are annoyingly trying to fulfill their "hobby" and cause everyone else havoc.

But yes, make sure that you backup all of your online files - one tip is if you have wordpress be sure to configure your backups and have them saved straight to your dropbox account, that is unless your host does not do this already.

What a nightmare! So now, start keeping regular backups of your database and files. If this ever happens again, all you will need to do is restore from the last know clean backup and change your passwords and secret keys.

Like others I wander what happiness it gives them. If we say that it is for fame that they are doing it, then why don't they show up?

You should upgrade protection for your site. And be diligent back up your data.

I could have guessed you were using wordpress from the subject of this thread,

You can add as many security plugins that you want, but everytime you add a new plugin you open new security holes.

This happens to wordpress sites all the time because it is hog pog collection of code that does not always work together and play nice.

I'm not a big fan of wordpress!

Best regards,
Steve Yakim

This happened to me. I just went into my file manager on my hosting accounts and found the most recent files that had been updated. I then deleted these files which were index.php index.html and a third I then reuploaded the original index.php files changed my passwords updated my wordpress and plugins. Sent a very scathing email to the hacker who actually replied to me and told him he was a terrorist told the hosting company and now a different hacker is breaking in so I will be changing hosting providers.

Yesterday, a strange Red message appeared on my blog Home page. It was in both English and Spanish It said "Security Warning. Treat this URL like your password. Don't share it with anyone."

Have I been hacked?

I changed the theme and it seems to have been removed. However, when I reinstalled the theme, the warning reappeared. Any ideas?

Thanks in advance,
Joe Benevides