Wordpress Hacked

erzoolander used Ask the Experts™
I don't quite understand a few of WordPress's functions, as it pertains to being hacked.

I have a folder of XML files.  When I look at the actual XML files (downloading and inspecting the actual file) - they're fine.

When I browse to the file on the server - it comes back as an HTML document - with "Hacked by so and so" on it.

How is the actual XML file being intercepted and then rendered as an HTML file?  Is it that xmlrpc thing?  Or?

Is that a function of WordPress?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior Consultant
Awarded 2017
Distinguished Expert 2018
The probably modified the HTACCESS file and forced URLs to redirect.
Restore the default HTAACESS file
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

Open in new window

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial