Recovering from compromise

  • Hi,

    I have a wordpress installation that was compromised back when the malicious 2.1.1 version was on the server, but it was only recently discovered. Can somebody suggest appropriate recovery procedures so that I can keep my posts without excessive copying and pasting? I.e., should I treat the database as dangerous or only the PHP files? If it’s only the PHP files, then overwriting them with known good files should be sufficient. If the database should be considered dangerous, what is my best course of action?

    Thanks,
    -Jon

Viewing 1 replies (of 1 total)

  • Look through your users table in the database, make sure everything looks sane. The PHP should only be dangerous, though.

    You could also use WordPress’ export function. Export the database, etc. Delete the entire WordPress installation, and start fresh, and then import that backup.

    Good luck!

Viewing 1 replies (of 1 total)
  • The topic ‘Recovering from compromise’ is closed to new replies.