Talk:My WordPress site was hacked

From DreamHost
Jump to: navigation, search

If you can, please make suggestions for changes here, rather than editing the main article.


Lizbet 16:12, 1 March 2012 (PST)

Caution: Simply restoring a backup may not fix the hack!!!

In the event of a hacked website you may attempt to restore your files to a time prior to the hack via the DreamHost control panel. We keep backups primarily for the unlikely event of catastrophic hardware failure so we do not guarantee backups for any specific time period, or that they are necessarily available at all. Note that simply replacing the damaged code with old code from before the attack is not effective alone, as this will not address the attack vector that let the hacker in. Unless you find and fix the vulnerability that allowed this to happen in the first place, you will remain susceptible to continued hacks.

Don't make me break out the blinky text!!!

Lizbet 20:08, 1 March 2012 (PST)

I wonder whether it would be good suggestion that if they had a theme that was defective or one using timthumb, that they install timthumb verification plugin. Also I wrote a new wiki about hardening wordpress on dreamhost and I was wondering wther we could cross reference each other


Suggestion for Wordpress Malware Removal

Whenever I come up against a Wordpress hack I follow this process:

- Backup the site

- Download the latest version Wordpress

- Change the DB credentials and WP-Admin Credentials

- Create the new wp-config file and generate new salts

- Manually check through the theme files (assuming that you are using a custom theme)

- Move the clean theme files over to the new wp-content directory

- Reinstall all necessary plugins

- Create a new htaccess file by deleting the old one. In the dashboard go to Settings >> Permalinks >> Save. This will generate a new htaccess file.

- Go into your filemanager or command line and check / correct the permissions. 755 for directories, 644 for files, 444 for htaccess.

I follow the guides on here. The blog has come in handy numerous times. Step by Step Wordpress Malware Removal