Ciotti
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]Done, just want to let everybody know that the recommended course of action worked for me.
READ THIS POST: https://techspheria.com/2011/08/phpremoteview-hack-what-it-is-and-how-to-remove-it/
It goes over some more files that need to be deleted, which in all honestly, should be everything, as stated before in this thread.
However, some of the files in that post are in the wp-content/uploads file, SO MAKE SURE YOU CHECK IT!
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]I’ve followed Ipstenu’s advice to a T and it has been working so far, just keep your hand steady and stay away from wp-content/uploads ??
That seems to be where all of your content is, the rest can be easily replaced if it gets deleted (just plugins and things like that, reinstall your theme as well).
I’m doing this from my FTP client.
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]I’d be interested if anyone continues to get flags for this hack after dealing with the Javascript file mentioned. Good luck folks.
I have, but I’m going to follow Ipstenu’s advice and delete everything except wp-content/uploads, do a fresh install and change all passwords.
We will see if that works.
Strange thing is, the Sucuri scan says my site is clean, but I got a email warning from their service?
I also don’t see any of the files supposed to be there from this guide: https://techspheria.com/2011/08/phpremoteview-hack-what-it-is-and-how-to-remove-it/
…after I re-installed WordPress, but I’m going to delete everything and do another fresh install anyway.
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]So, following your instructions, the sites would not lose any backlinks to them as along as wp-content/uploads etc. does not get deleted?
Sorry for all the questions, but I guess it’s how we newbies learn.
I’ve already changed all passwords to everything, should the next step be to log in to my FTP client and delete everything that you’ve stated minus wp-content/uploads?
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]Don’t you lose all of your links when you re-install?
I haven’t gotten any more warnings on the backend (yet), can Sucuri comment on what they think is going on here?
Why would the site come up clean if there was still code apparently on his site, does the scanner miss these filed?
Forum: Fixing WordPress
In reply to: wordpress exploit, site hacked [newportalse.com]Thanks for all of the advice in this thread, really appreciate it as I’ve just had this attack happen on my site.
I’ve used Sucuri and I can definitely recommend their service, will be following up with all of the suggestions in this thread so try and make my sites secure from this nonsense.