• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 469
  • Last Modified:

Wordpress hacked?

WordPress experts:

I noticed in my wordpress website that there is a comment with no author and I can't delete it.  I went into myphp admin and deleted it and sure enough it came back.  I did not think much of it but I have noticed a drop off of in inquiries. So I went to a proxy server and googled a common keyword I rank for and my site never loaded, when others did.  

Any ideas?

Do you think this is in my database?

If I had to make a new site would I need to redo the blog by had, so I don't import the hack?
0
jason94024
Asked:
jason94024
  • 2
  • 2
2 Solutions
 
Jason C. LevineNo oneCommented:
>> Any ideas?

One comment?  I doubt that one comment would drop you like that so you may want to really look at what's in pages being served.

>> Do you think this is in my database?

Obviously the comment is but more likely the server itself is hacked and someone is remotely running a script that inserts content or further compromises WordPress security for an additional hack script

>> If I had to make a new site would I need to redo the blog by hand, so I don't import the hack?

As above.  The database is probably ok but you need to figure out how this is happening before planning for the future.  To be on the safe side, I would plan on copy/pasting your current content somewhere for an eventual rebuild.

0
 
jason94024Author Commented:
Thanks

"pages being served." <-- is this something that I would see in the FTP files?
0
 
Jason C. LevineNo oneCommented:
No, just view source on all of your site's content and see if there is a bunch of stuff that shouldn't there (like a huge list of links in a hidden div)
0
 
jason94024Author Commented:
ok, I don't see anything in the browser when I look at the source.  I guess I will get busy changing sites.
0
 
c_a_n_o_nCommented:
If you use your FTP to access your files, check the file dates and see if there are any with more recent dates.  You will need to look at your Wordpress install, your theme, and your plugins for changes in dates.  If you determine that there are files with more recent dates and you know that you didn't update those files, I would suggest that these are your culprit.  Download one or more of them and look at their code to determine if any changes have been made.  If so, you may need to redownload Wordpress and the plugins to correct.  

Change your admin passwords.
Change folder permissions accordingly.
This plugin http://wordpress.org/extend/plugins/wp-security-scan/ is great to determine which folders should be at what specific permissions.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now