Recovering from a hack

  • Hi,

    a few weeks back when all the wordpress updates started happening because of the security issues, I was a victim of my wordpress website being hacked…

    this hack has resulted in my website acting faulty, a bunch of images are now broken, they appear as missing in the media library but they are in the database as-well as in my server at their right locations.

    My website now does not want to load (im guessing because it keeps looking for images or links which are broken)

    Ive tried re-generating thumbnails it doesnt work, ive tried re-uploading images on the server and then running the re-generate and that still doesnt work.

    and since I have woocommerce installed I cant just create a new wordpress content and start re-building the content (it would be a pain but its tolerable) but with woocommerce theres just no way to do things properly.

    so if my database really is damaged what are my options from here on out?

    any help would be appreciated

    Thanks,
    Jeff

Viewing 3 replies - 1 through 3 (of 3 total)

  • I’m sorry your site was damaged. By your description, your site may still contain malware.

    Your images are not in the database. Your images should be stored in wp-content. The standard location would be in wp-content/uploads. However, your location may be different.

    Have you deleted all files other than wp-content and wp-config.php and loaded new core files? Have you deleted and replaced your theme and all plugins with new copies. This is not advised for modified themes and plugins.

    Have you taken steps to clean the database and the wp-content file of malware? I know it is logical to start at the source of the problem, your broken links and images. But if your problem is caused by malware, removing the malware will fix your broken links.

    Thread Starter exxelmarketing

    (@exxelmarketing)

    what I meant from the images being in the database was that the links that point to my images on the database are correct which would be in the wp-content/uploads as you mentionned.

    I have not gone ahead and installed a fresh install of plugins and theme as I didnt think that it was the issue but you bring up an excellent point that if there is malware in it then it would be a good starting point.

    A godaddy rep had told me to download my whole file onto my computer and run anti-virus on it which I have done and it has come back with nothing…

    What are the steps to clean the database and wp-content from malware?

    thanks,
    Jeff

    There is not a lot of information about cleaning hacked databases. This article discusses the process: https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/ .

    I personally think downloading to a desktop and looking for malware has a very low chance of finding existing malware.

    As for looking for malware in wp-content, it’s a tedious job. I use Wordfence with all the scan choices selected and Anti-Malware and Brute-Force Security by ELI to look for damaged files. There are other good scanners but they MUST be server side scanners.

    The delete step before reloading is important because you will remove any non core files that contain malware. And you don’t have to spend time hunting them.

    Stubborn hacks make take a lot of digging and looking. Good luck.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Recovering from a hack’ is closed to new replies.