Blog Hacked

So, that’s your problem, not theirs. Find the reason yourself, they will not help you because they are not concerned about the security of their servers ????
Maybe it is their fault?

Imagine your house was robbed, and their is no sign of forced entry. You asked the police, how did they do, what should you do to increase your security? And the police said: it’s your problem, we will not help you.
It is the same situation here.

I don’t even know how to check the stupid log files. ??

Could it be they just messed up your files but didn’t hit your database? A hacker once hit a website I work on and replaced all the index pages with his own delightful work. However, nothing under the surface was hit. You noted all your files were taken off, not that the blog itself was all out of whack. Unless I missed something.

Everything really important is in the database, so if you re-install you might find nothing has changed.

Didn’t see this more hopeful solution mentioned thus far and so I thought I would throw it out there.

I cannot access my admin page. the file appears to be there when I look in FTP, but my dashboard appears to be MIA.

All I can get out of midphase is that it’s a wordpress hole. Very frustrated.

Do you have access to your database? Do you have the password and username for that so you can try doing a new install of wordpress with all that info?

When I got hacked it turned out the hacker cracked the main password and mucked around, but he didn’t get deeper and so all the database stuff was perfectly fine. It was all cosmetic. Because WordPress keeps most everything in the database it may have weathered this attack better than you realize. I had to clean up the mess but all the core data was preserved.

or maybe not a new install. I’m a bit of an amateur at this, so maybe someone else could better say how to put up all new files that connect to an existing database. Is that the upgrade path?

Yes, I have access to the database, but wouldn’t a new install overwrite anything that was still left?

I am still arguing with my host over payment of the $30. They say it is my fault because even though they provide WordPress through their server, it is my responsibility to update the software at least every 2 weeks, and that is why I was unprotected from whatever hole the hackers used.

I personally think that’s crap, but what do I know.

“because even though they provide WordPress through their server, it is my responsibility to update the software at least every 2 weeks”

horsecrap.

the software doesn’t HAVE an update every 2 weeks. and you might want to ask where in the hosting contract that it states that it’s your responsibility to do any updating.

short of this, to save yourself the headache, choke down the $30 to get the site back up and running first, then get another hosting company (preferably one that others have heard of – these fly by nights like yours are nothing but trouble, i don’t care how “affordable” they appear), change your nameservers, and move on. rule of thumb – if it looks like the company’s using a pre-made template for their site, it’s probably some theif trying (and failing) to make some money. for all you know, they hired someone to do this so that they could grab your $30.

I do intend to move hosts as soon as I get my data back and running correctly. I am in no way defending my hosts, because I’m pretty pissed off at them, but I wouldn’t say they are fly by night. I’ve had service with them for 3 years without a bit of trouble until now. This particular trouble is bad enough that I’m done with them, but I feel like I need to defend myself by saying that I really wasn’t trying to cheap out or take the easy way or anything.

I still can’t get an answer out of them as to what “hole” was exploited or how to avoid this in the future other than “update every 2 weeks,” which like I said, I think is crap. I wish they could tell me where the problem occured so I can ensure it doesn’t happen again.

I have my logs but have no idea how to read them.

Nor can I get a satisfactory answer as to why I need to pay for a restore.

Please don’t think I was trying to offend you in any way – I didn’t mean to sound like I thought you were being cheap or anything… not at all. (Hell, everyone likes a good deal, right?) I was just stating that you really never know what’s behind a company that isn’t really well known is all. I mean, for all you know, the person who started the company 3 years ago was honest and reliable, but then he sold it off to someone less honest or reliable. Just spitting out scenarios is all, did in no way mean to offend you! Sorry if it came out that way.

I think it’s extremely shady that they won’t help you read your logs, and that they want to charge you the equivalent of over 4 months of hosting in order to bring back a site that you did nothing to destroy. And the only reason I suggested you just pay and go is because it doesn’t appear that they’re going to be of any help, and if you try to move hosts now, your site will no doubtedly be lost completely.

oooooh now I must apologize because I was NOT offended and I’m sorry if I sounded like I was!!! But I think that if I HAD chosen a server with no history and this happened, I would be somewhat more responsible than I feel I am. I hope that makes sense.

I’m still trying to convince them to do the restore for free, if they won’t budge by tonight, I’ll just pay the $30 and be done.

I pay by the year with them and have no idea if I have a contract. Somehow, I suspect that I do and I’ll have to pay to get out of it. ??

Copy this to them if you wish:

“If your host genuinely believes that WordPress has a vulnerability that they have discovered they owe it to the wider community to submit that information – without delay – to [email protected]. Until then, it’s entirely their problem.”

and if it IS a WP problem – why is it on THEIR fantastico?

—

On a sidenote, people do ask here about good hosts.
A host that holds data for ransom will get negative publicity. Very much so.

Thank you!!! Here is what I sent them:

“If you genuinely believe that WordPress has a vulnerability that allows this type of thing to happen, you owe it to the wider community to submit that information – without delay – to [email protected]. Until then, I really don’t see how you can blame WordPress or myself for this problem and I again ask for you to restore my data immediately at no cost to myself.”

Also, can anyone recommend a different host that I could check out? I use my host for 2 blogs, a large website, and storage for all of my pictures and videos.

Thanks for all of the very helpful assistance through this problem.

Dataflame is good. Note: that’s my affiliate link right there, so I get paid if you sign up. But I wouldn’t recommend them if I didn’t trust them. Personally, I regard them as rock solid hosting, it’s fast, reliable and the tech support is good. Obviously, you need to make up your own mind, bit I’ve certainly never had any problems with them.

They also let you make your own backups of the database, and it’s free ??

affiliate link? not cool, maerk… not here.

—–
I happen to love godaddy, though you’ll find that some people don’t – it’s a love ’em or hate ’em kind of company.

I know that podz uses asmallorange.com and I’ve heard others rave about 1and1.com as well. Do your research, of course, but make sure you ask questions before signing up with them. If they’re not even willing to answer you back (or they point you to a FAQ page) given the circumstance you’re coming from, then run away. Just MHO.