Jump to content

sahdes

Members
  • Posts

    26
  • Joined

  • Last visited

sahdes's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. username: sahdes server: Stevie domain: sahdes.heliohost.org / sahdes.org thank you
  2. Done. Meanwhile (before you renamed aa.php), on an automatic scan wordfence had found this [sep 01 22:35:46] Adding issue: File appears to be malicious: wp-content/aa.php [sep 01 22:35:46] Adding issue: File appears to be malicious: wp-content/isis.php So it's effective, it was me that missed the alerts. Sorry about that, henceforth I'll be on guard. Both deleted, a new scan produced Congratulations! No security problems were detected by Wordfence. So all should be OK. Thank you very much.
  3. Sorry, a clarification: I didn't try, I just updated WP and everything looked ok, my bad. This time I will. I've run this site for years and it had never happened something like this. UPDATE: I've found a backup from a year ago. If I fail to clean the site as it's now, I'll just restore that one.
  4. (sorry for my bad english) If you can, just please give me a couple of hours to try to get the site clean, whithout losing years of posts. I have the wordfence plugin which is pretty good on that. I have to use WP because it's for a non-profit NGO blog, I have to rest in some patform that allows the team to post stuff without depending on me. But I keep it always updated, with just a few and well known plugins and this wordfence to keep it secured, I don't know what happened. If I don't manage to clean it at first, I will erase everything. Let me know if that's possible.
  5. Thank you for your information. As you said, the site's heavily hacked, down again, and having changed the passwords was useless, I've even lost access to my CP. Now, when I try to reset password it doen'st work. I receive the mail, enter the code, and nothing happens, it keeps asking for the code. Direct link neither works. What can be done?
  6. I know, and I've installed wordfence to avoid those issues. But it's weird. This time, eveyithing within WP was intact, they just changed index.php, and it doen't seem have been done trhough the WP editor, as if they had gained access to my CP and replaced it there...
  7. Now the site's online again but it's been hacked by some terrorists!! I'm working on it That may have caused the high server load... update: I just updated wp and everything went back to normal
  8. username: sahdesserver: Steviedomain: sahdes.heliohost.org / sahdes.org No idea why. Thank you. Plus, I cannot access my CP either (I got the renew pw mail but the sent code doesn't work).
  9. Everything working fine. Thanks a lot!
  10. Hi. My database's gone. Here's the data: user: sahdes server: stevie database: sahdes_wp52 Regards.
  11. I installed wp by softaculous. I have no idea how that file got there. The site may have been hacked, it already happened once, some months ago. I did all that scans to make sure that wp-admin/config.php was the only infection. The plugin I installed (wordfence) detected the malicious code, indicated that it wasn't an actual wp file, and deleted it; and said that everything else was just ok. Thanks for your advice.
  12. Well, I scanned the full backup with antivirus (nothing) and anti malwares (nothing), the site itself with online scanners (nothing), and with a WP security plugin that just found a file with a line of malicious code, so I deleted that file. And I've changed all the passwords. Please let me know if now it's clean. Tank you.
  13. I'm already working on it, thank you very much.
  14. username: sahdes server: Stevie domain: sahdes.heliohost.org / sahdes.org Hi, I have no idea why my account has been suspended. Thank you.
  15. Look at my (hacked) htaccess: So, the hack's gone deeper than merely creating that folder... I've restored from the backup, it's all clean now. Thank you.
×
×
  • Create New...