Fixing a hacked wordpress site
25 Jul
Recently 2 of my wordpress powered websites were hacked. Not really taken down like traditional hacks but rather some random code or script was injected into the header and/or footer areas of the site. Both websites are on separate web hosts and in both cases sites were running wordpress 2.8 (not the latest one)
One solution is to delete ALL folders & files in your wordpress site but save the WP-Content Folder & wp-config.php file. Upload the new wordpress files and run the upgrade utility in your admin login area.
In essence this is how you manually upgrade your site
However sometimes your theme files could also be infected so running an upgrade would not help.
Another solution, and more proactive one is to make sure your files are secured and antivirus in place. I did the above solution but also installed these two plug-ins.
WP Security Scan
A robust plugin that secures your files, advises on read/write permissions, login lockout function, and more.
Read more and get the free download here: http://semperfiwebdesign.com/plugins/wp-security-scan/
Antivirus WordPress
Essentially this scans all your important pages and lets you know if theres any malicious or foreign code. You can then go to the relevant page and remove the code.
Read more and get the free download here: http://wpantivirus.com/
.jpg "songsofsea_003 (Medium).jpg")
.jpg "songsofsea_16 (Medium).jpg")
Oh, wow- this is really helpful, masha’allah. I’m so sorry that happened to you.