My site was hacked. I have backups of both content and the database. However my full backups, that is, the ones with the files as well as the SQL contain malicious files. I only keep 6 weeks of full backups and apparently the hacker waited longer than 6 weeks before making use of the hacks and it was discovered. In short, I cannot trust the file content of the current site or backups. However, I do keep SQL for longer and I have un-hacked SQL.

Yes, both I and my host have scanned for malicious content. I have changed all host passwords, .htaccess files, scanned my PC, followed all sorts of threads on hardening the site, etc., etc., etc. But still I don’t trust the file content.

So I’m wondering if it would work for me to:

• Delete ALL my files.
• Reinstall WP, the themes, and Plugins from scratch
• Upload all my media library files
• Then restore the site’s contents by uploading the most recent un-hacked SQL I have on hand

Would this work?

Thanks in advance,
Andrew

Change the database password (and update wp-config.php to match).

And thanks for reminding me to manage the password before getting going.

Andrew

For example, I can go to https://www.mydomain.net/wp-admin/themes.php just fine. But when I click on “Customize” for a theme I am redirected to https://www.mydomain.net/wp-admin/customize.php?theme=graphene&return=%2Fwp-admin%2Fthemes.php (a blank page) Note that the URL contains the location of the previous page. Another example. I go to https://www.mydomain.net/wp-admin/widgets.php When I click on “Header” then I’m taken to https://www.mydomain.net/wp-admin/customize.php?return=%2Fwp-admin%2Fwidgets.php&autofocus%5Bcontrol%5D=header_image (which is of course a blank page).

I’ve disabled and deleted all plugins except for Display Posts Shortcode, Flexi Pages Widget, and Flexi Quote Rotator that are integral to how the site displays. I also have added Graphene Shortcodes in case that would help with the issue, but it didn’t.

I don’t know what’s happening and I don’t know how to fix it.

Any help would be appreciated.

Thanks in advance,
Andrew

• Themes works
• Customize does not work
• Widgets works
• Menu works
• Header does not work
• Background does not work
• Graphene Options works (when theme active)
• Graphene FAQs works (when theme active)
• Editor works

The other menu items: Dashboard, Posts, Media/Library, Pages, Comments, Users, Tools, and Settings all work.

Plugins seems to have an issue. When I first did the reinstall, I put back all my original plugins, but BackUpWordPress would give me the warning that I needed to have php5 and WP>3-something installed. I have php5 active and am using the latest WP. I deleted the plugin, but now when I try to reinstall it I get the error: “Installation failed: Internal Server Error”. I previously had Askimet installed, but deactivated and deleted it. If I try to add it back now I get the error: “Update Failed!”.

I’m still stumped.

https://www.ads-software.com/support/theme/graphene

I’m wondering, would it work to:

• Backup the SQL for each table individually
• Delete all the WP files
• Drop of the DB tables
• Re-upload fresh WP files
• Backup the DB
• Import my tables one-by-one, starting with POSTS and then OPTIONS, as these are the two areas where I’ve got the most work involved
• Use the backup to revert at the point an import breaks the admin controls

Thoughts?