1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wordpress and hack solutions

Discussion in 'Web Design' started by Designventures, Sep 12, 2012.

  1. Designventures

    Designventures Newbie

    Joined:
    Aug 29, 2012
    Messages:
    9
    Likes Received:
    1
    Hi
    Couple of my sites are hacked and got malwares Trojans etc

    I know backup restore is one solution but thats not an option in my case

    How do I fix the hack? Can somebody guide in detail please ?

    I have 600 posts so what do I do? If I export and import post in new Wp, will I get malware/Iframe injection on new site?

    Need help badly....

    Thanks
     
  2. fmOzilla

    fmOzilla Power Member

    Joined:
    Nov 11, 2011
    Messages:
    714
    Likes Received:
    384
    Location:
    C:\Windows\System32
  3. Designventures

    Designventures Newbie

    Joined:
    Aug 29, 2012
    Messages:
    9
    Likes Received:
    1
    Thats preventing the hack.... Any help on fixing it?
     
  4. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,148
    That should do the trick.

    Nevertheless, if you have an insecure (or trojaned by design) plugin/theme, you may be hacked again.
     
  5. Blackberry_11

    Blackberry_11 Regular Member

    Joined:
    Apr 17, 2011
    Messages:
    266
    Likes Received:
    19
    If you have complete idea about wordpress and its files and functions then you can do that easily. Only thing that you need to do is make sure that you only keep the necessary files and delete the other files that are not necessary.
     
  6. blackhacik

    blackhacik Junior Member

    Joined:
    Nov 25, 2010
    Messages:
    108
    Likes Received:
    8
    Home Page:
    Maybe change password and not save password in Total Commander. Passwords are not safety there
     
  7. MatthewWoodward

    MatthewWoodward Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 31, 2012
    Messages:
    992
    Likes Received:
    1,681
    Occupation:
    SEO
    Location:
    UK
    Home Page:
    Have a look in your index.php and wp-config.php and see if there is any malicous code present.

    Often it is buried right at the bottom of the files with lots of blank space to try and hide it a bit.
     
  8. SEO Sage

    SEO Sage Junior Member

    Joined:
    Jan 7, 2011
    Messages:
    112
    Likes Received:
    36
    Occupation:
    Search Engine Marketing
    Location:
    The Big Apple
    Home Page:
    There is a website scanner that is online (I don't have the link on hand sorry), but it will tell you what files are infected. Also if you type "security" into plugin search from within your wp admin, or just on wordpress.org, you will find a few good plugins that test and report for you. I just cleaned a few sites for past clients where a subordinate newbie forgot to properly set permissions in chmod... I quickly fixed what I could and then asked the hosting support to fix the rest. It is all quite simple once you know what to do! Good luck! :)
     
  9. MatthewWoodward

    MatthewWoodward Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 31, 2012
    Messages:
    992
    Likes Received:
    1,681
    Occupation:
    SEO
    Location:
    UK
    Home Page:

    I believe this is what your talking about http://wordpress.org/extend/plugins/exploit-scanner/

    Not sure why I didn't think of that =D Long day.... :p