Lately I receive a lot of messages from my virusscanner about websites which I should not trust……
At that point I am able to decide “not to open those sites”….. and sometimes I even send the administrators of the sites a little warning about this.
BUT; this week I had the same warning ON ONE OF MY OWN BLOGS !!!
Yes – I did get the warning that MY ONW SITE had “a virus on it” – malware connected to iframe…
I really had no idea about “what happened”…. but it was a sure thing = it was not safe to go to my website…..!
BUT; that blog is getting (on some days) more than 400 unique visitors a day…. so I needed to get it fixed right away !!
Lucky me; I was a bit prepared – as I am running that same site on my local server for random tests….
The tip of todays “OnMyWordPress”…. is not going to be “how to make sure your WordPress site is not getting hacked” = I will try to explain “how to fix it” after the hack has happened.
And why the fix instead of protecting..??
The protection is not going to give you a 100% guarantee – just like you protect your house – preventing to get it on fire… = BUT you also need to know what you should do once a fire started !!
My tip would be;
Once your site is running; take a back up of the whole WordPress installment to your own computer; maybe via the FTP client program (see this post).
At the moment your site is hacked (to receive this warning – you do need a good virusscanner like Avast) – you should replace the infected files.
Via your FTP client program – you can check all the WordPress files and you will discover all kinds of WordPress files which have another date than most of the others….
For example; index.php // wp-config.php // wp-settings.php will have different (closer) dates than the rest of files…
Pls remember that date… !! And go through to all the files of your WordPress installation – and you should replace all the “strange” dated files with the once you kept as a back up on your local computer….
At least; this is how I did repair my site……!!
To be sure with the files AND maybe you would like to see what has been changed within the php files; you can open “the infected ones” in Notepad ++ and compare them with the ones you have saved on your computer; most cases – the first line (right after <php – has been changed.
Again; BACK UP is very important !!
Good luck UNhacking… !!
Series of OnMyWordPress;
- ThemeHybrid (theme)
- Admin Favicon (plugin)
- AdSense Manager (plugin)
- Akismet (plugin)
- Future Posts Calendar (plugin)
- WordPress hacked via iframe (tip)