I think I've Been Hacked – Now What

  • I noticed today on one of my blogs that underneath the title where the tag line is someone had gone in and put their name.

    I opened up another blog to see what was the procedure to do this. Looks really simple. However when I go to the first site, the one that was hacked, and look in that same spot- where the tag like is, it is unchanged.

    The hacker somehow made changes- put her name in- in such a way as it’s only visible and unchangeable.

    My questions are:

    1. Is this hopeless? Is it impossible to change that?

    2. Is there a way I can take all the text and everything on my blog and easily transport it to a new on? In a sense, abandon the one she’s hacked?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    It’s not hopeless, you just have an annoyingly tedious and time-consuming process ahead of you.

    You need to start working your way through these resources:

    https://codex.www.ads-software.com/FAQ_My_site_was_hacked
    https://www.ads-software.com/support/topic/268083#post-1065779
    https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    https://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:

    https://sitecheck.sucuri.net/scanner/
    https://www.unmaskparasites.com/
    https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

    In a sense, abandon the one she’s hacked?

    Not quite, the text lies in the database and it is possible that the hacked code lies in the database too.

    Thread Starter Sheila VG

    (@sheila-vg)

    WordPress is a great invention but it is not worth, “Annoying tedious and time-consuming.” I probably couldn’t do all that anyway. Thank you for your suggestion though. Would you happen to know if I can transfer my WP blog to another platform? Would I have to be a paying customer to do that?

    Thank you,
    sheila

    You should choose a password that is long and alpha-numeric with symbols like “H@ckTh!sP@$$w0rd” (obviously, don’t use that). Second, disable registration, unless you want it enabled for some reason. Third, get a decent firewall plugin and hide the wp-admin/login.php, change permissions for remote directories and files. Another thing is backup frequently, so you can just restore when something drastic happens. Another very important thing is disable the ability to modify code within wordpress; basically disable the code editor. That way, unless the “hacker” has ftp access they will not be able to modify your code.

    CHANGE ALL YOUR PASSWORDS ASAP: FTP, MYSQL, WORDPRESS; CHANGE EVERYTHING.

    I have 2 versions of my website: I run one in a local environment using WAMP and develop with that; and have one on my remote server, which I upload to when I finalize changes. Which is great practice because then you can just import/export as needed and won’t have much of a loss.

    How to do those things is a simple google search, since a multitude of links annoys you, I’ll let you figure the rest out.

    *EDIT*
    If you don’t have a lot of modified code there are some plugins that will scan your wordpress files against the vanilla files and will display every piece of code that has changed. In plugins search for security, there will be a ton of security plugins. Wordfence Security is good, All in one WP Security&Firewall is good. Or try something else. Choose what seems best for you.

    Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    You should talk to your hosting providers about abandoning your WordPress site, and they should be aware of your hacked site that can cause vulnerabilities.

    There’s nobody to pay at www.ads-software.com.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘I think I've Been Hacked – Now What’ is closed to new replies.