website hacked

Our WP site was hacked last weekend. Luckily it was discovered, traced and the rogue files deleted within a few hours. And just to make sure, we restored a backup from before the weekend so we are 99% confident that all is OK now.

The index.html file added by the hacker was easily removed. It was only later that we realied a php file had been uploaded into wp-content/uploads. This file is large, over 3000 lines of code, and beyond our expertise to tell what it might have done to our site. Is it worth trying to find out? Or should we just be grateful that we got to it in time?

The hack came from Iran and the home page message was anti-USA and Israel. The hacker used an existing username to access the dashboard (red faces all round!)

I’ve taken steps to tighten security using the plugin Better WP Security, and I’m looking also at Website Defender. Will these conflict?

Any answers or suggestions gratefully received.

Sue

PS I know I should update WordPress and will do it this week. No more putting it off!