Site Hacked

  • Hi
    My website was Hacked
    I cant access to wp-admin. I have a redirection go to url rewriting
    I can access to Cpanel but i dont know what I can do
    Thanks for your help

    • This topic was modified 4 years, 3 months ago by anthov50000.

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)

  • I go to url rewriting

    I’m not sure what you mean by this, but if you really believe your website has been hacked, kindly follow the guidance here to clean up your website.

    FAQ My site was hacked

    When you’re done, follow this guide to protect the site against future attacks:

    Hardening WordPress

    Good luck, and stay safe!

    Thread Starter anthov50000

    (@anthov50000)

    I read the guide
    but I cant access to Wp-admin
    Canonical url of the website was changed

    What can I do ?

    • This reply was modified 4 years, 3 months ago by Jan Dembowski.

    but I cant access to Wp-admin
    Canonical url of the website was changed

    URL: https://www.sotipsters.com
    Canonical: https://go.donatelloflowfirstly.ga/go.php?0=0/ (different domain)

    What can I do ?

    Follow the official guide to change the URL of your WordPress site back original address. You didn’t need to login to dashboard first: you can make the change directly in the database (using PHPMyAdmin in your cPanel) or in your wp-config.php file (use your cPanel’s File Manager). Both options are explained in the official documentation below:

    Changing The Site URL

    Thread Starter anthov50000

    (@anthov50000)

    I read and follow the guide

    In phpmyadmin, Home and URL are good
    I removed the theme
    It’s Same
    I cant access to wp-admin

    The redirect could be happening in a plugin or your active theme (or some a backdoor script injected somewhere in any file or folder on your site).

    If you maintain backups, it’s probably easiest to switch to a pristine backup taken before all this started.

    If you have don’t maintain backups(ahem!)… you need to manually search your WordPress files and folders AND database to find and remove the hack that is causing this redirect. (As you can’t access the dashboard, it’s not possible to use a plugin to automate this).

    I would even backup my uploads folder locally, delete all the WordPress files and folders, re-install WordPress, plugins and theme, and restore my uploads folder (after thoroughly checking all folders to be sure there’s nothing hiding in there).

    The FAQ I linked to earlier has links to 3rd-party articles on how to search for backdoor scripts and clean up a hacked WordPress site.

    PS: I don’t find donatelloflowfirstly in wp_posts, but I do find it in wp_options (_transient_bsr_results and bsr_data). Would the query you offered be different for suchg a case?

    Hii I am also facing the same issue but i can access the wp- admin and have same issue on two sites hosted on bluehost.com hosting. What should I do now??

    Thread Starter anthov50000

    (@anthov50000)

    1/Restore a clean backup

    2/ Search a file same _a.html with js inside “Donatello”

    3/ Search in your DB “Donatello” or “Donat”. You will find it in wp-options sure

    4/ clean all transient

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Site Hacked’ is closed to new replies.