Wordpress hacked. Need advice.

12 replies
Hey guys,

My computer got infected with a virus a few days ago... and
long story short, my FTP account password got compromised
and the account got hacked.

Now, many of my sites were wordpress blogs and the hacker
has only meddled with the index.php and wp-admin/index.php
files in most cases.

So what I'd like to know is... is it possible somehow reverse
the damage and return the sites to their previous state?

I've already asked the host (Hostgator) if it's possible to do that
and I got the standard answer -- that they don't have backups
of the sites since my account's inode usage is high.

What do you guys think I can do here?

Start afresh?



Thanks in advance,

Dean Dhuli.
#advice #hacked #wordpress
  • Profile picture of the author Intrepreneur
    It would take a lot of programming knowledge to back up your sites. This is a terror for you and I feel your pain.

    Maybe someone out there can help you.

    In the meantime I have a PC product that will help you understand what is required for you to stay safe and what you should be doing to keep viruses out.

    If you want to be a test dummy for it.. I can talk with you on skype, or some sort of IM program to sort your PC out.

    Best of Luck.
  • Profile picture of the author EWPotentials
    Hello Dean,

    In most cases your hosting provider does constant backups.... This has happened to me in the past, not a hack but a problem, and I contacted the hosting provider and they performed a restore from their end.... It did, however, cost me $75.00, but it was well worth it.... It would have taken me hours upon hours to recreate and repair the problem....

    To Our Success,

    Philip J. Mutrie
  • Profile picture of the author TheRichJerksNet
    Dean,
    Have you got your problem fixed ???

    James
  • Profile picture of the author WendellC
    Dean -

    Hi.

    I may be wrong, but I think if you just FTP the original index.php file you should be OK.

    Typically the index.php file in WordPress blogs just makes calls to other functions and the MySQL database that stores all your content.

    I'm guessing the hacker only wanted to replace your blog's home page so by restoring the index.php you will probably get your whole site back and working again.

    Hope this helps.

    Wendell
  • Profile picture of the author BrianMcLeod
    Man that sucks, Dean.

    Just commiseratin'...

    Got no advice if you don't have a local backup.

    Good luck, I'm sure it's a pisser right now.

    Brian
  • Profile picture of the author Harry Behrens
    Originally posted by Dean Dhuli:

    Now, many of my sites were wordpress blogs and the hacker
    has only meddled with the index.php and wp-admin/index.php
    files in most cases.

    IF the hacker has ONLY meddled with those two files, then you can safely replace them with the original files that came in the zip file when you downloaded WordPress. Those two files never get changed no matter how you set up your WordPress installation (unless you go in and change them yourself for whatever reason).

    Ideally, only the stuff in the wp-content folder is even different in any way from one installation of WP to the next, providing they are the same version number.

    However, if you are not experienced with this, I would get a WP specialist to take a look at your site personally before you try to do anything yourself.
    - Harry Behrens
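The condition in the post above ("IF the hacker has ONLY meddled with those two files") can be checked rather than assumed by comparing a copy of the live site against an unpacked WordPress zip of the same version, leaving out wp-content. The following is an added example, not code from the thread; the function names and the sample file trees are constructed for illustration.

```python
import hashlib
import os
import tempfile

SKIP_DIRS = {"wp-content"}      # differs per site; review it separately
SKIP_FILES = {"wp-config.php"}  # site-specific, not shipped in the release zip

def sha256_of(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def core_hashes(root):  # relative path -> SHA-256, skipped paths left out
    out = {}
    for cur, dirs, files in os.walk(root):
        if cur == root:
            dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
        for name in files:
            rel = os.path.relpath(os.path.join(cur, name), root).replace(os.sep, "/")
            if rel not in SKIP_FILES:
                out[rel] = sha256_of(os.path.join(cur, name))
    return out

def compare_core(live_root, clean_root):
    live, clean = core_hashes(live_root), core_hashes(clean_root)
    return {
        "modified": sorted(p for p in live if p in clean and live[p] != clean[p]),
        "missing": sorted(p for p in clean if p not in live),
        "unexpected": sorted(p for p in live if p not in clean),
    }

def _write(root, rel, data):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(data)

def demo():
    """Constructed sample trees standing in for a clean release and a live site."""
    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as live:
        for rel in ("index.php", "wp-admin/index.php", "wp-includes/version.php"):
            _write(clean, rel, "<?php // stock " + rel)
            _write(live, rel, "<?php // stock " + rel)
        for rel in ("index.php", "wp-admin/index.php"):
            _write(live, rel, "<?php // altered")
        for rel in ("wp-includes/cache-old.php", "wp-content/themes/mine/style.css", "wp-config.php"):
            _write(live, rel, "site file not present in the release zip")
        return compare_core(live, clean)

if __name__ == "__main__":
    print(demo())
```

Anything listed under "unexpected" is a file the release zip does not contain, so replacing the two index.php files alone would leave it in place.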
  • Profile picture of the author shakti2u
    I think uploading the files again would restore it. If not, get someone (Specialist) to look at it. But, try it yourself first. I always keep a copy of all files on my sites on my home computer. That way I can restore it if I need it. I even have copies of files I'm not using anymore so that I can use them again if I need to. Just make a folder on your desktop and label it your website's name and put all the files in there. I have a folder with the main name of my website and sub folders inside for each campaign or type of thing I do and one that is just misc. stuff I don't use anymore. Also, if I am using a template or PLR, I will keep the original file so if I mess it up and need to start over I can.

    Sylvia
  • Profile picture of the author bauger
    If you always backed up your database then fixing your blog would be easy. I have a daily backup of my WP database so all I have to do is reinstall it if my site gets hacked.

    I also keep a copy of all the themes and plugins so I can easily fix it. You can try just reuploading those files to see if that fixes it.
    • Profile picture of the author radhika
      If you can log in to your WordPress admin panel:

      1. Login > Disable all plugins.

      2. Rename the folder. (something like oldWP)

      3. Do a fresh reinstall.

      4. Search Google for "Wordpress security". You will get tons of links. Secure it as much as possible.

  • Profile picture of the author Dean Dhuli
    Hi everyone,

    Thanks for your suggestions... and commiserations.

    Have you got your problem fixed ???
    No, James, still working on it.

    I may be wrong, but I think if you just FTP the original index.php file you should be OK.

    Typically the index.php file in Wordpress blogs just makes calls to other functions and mySQL database that stores all your content.

    I'm guessing the hacker only wanted to replace your blog's home page so by restoring the index.php you will probably get your whole site back and working again.
    Yes Wendell, that's right!

    The guy at hostgator sent me a list of files that the hacker had altered.

    Most of them were just index.php and wp-admin/index.php. That's why I'm
    hoping they can be restored.

    Will try replacing those two from the original theme files and see how it goes.

    In the meantime, if you guys have any more suggestions I'd love to hear them.


    Thanks again,

    Dean.
    • Profile picture of the author edhan
      Originally posted by Dean Dhuli:

      Hi everyone,

      Thanks for your suggestions... and commiserations.



      No, James, still working on it.



      Yes Wendell, that's right!

      The guy at hostgator sent me a list of files that the hacker had altered.

      Most of them were just index.php and wp-admin/index.php. That's why I'm
      hoping they can be restored.

      Will try replacing those two from the original theme files and see how it goes.

      In the meantime, if you guys have any more suggestions I'd love to hear them.


      Thanks again,

      Dean.

      Please remember to CHANGE your password before doing so. Otherwise he will be able to change it again.

      You should do regular backups of your website database in case the worst thing happens.

      For wordpress blogs, you can use the backup plugin to download the database as backups.
  • Profile picture of the author TheRichJerksNet
    Dean,
    See your PM ....

    James