WordPress Website Site Hack Problems – Last few months
-
Hi Admin / Customer Service / Developers.
I’m attempting to restore WordPress Website to my original (clean) site from a few months ago.
My WordPress Webste was hacked sometime in the last few months, perhaps when WordPress was hacked in February.
There is spammy text in the source code, and the site has since been running very slow, both live and during editing.
Please contact me, as I would like to attempt to install a backup of the site from before February, and remove all hacked spam text, and return my WP site to it’s original speed and efficiency.
Thank you,
[redacted]The blog I need help with is: (visible only to logged in users)
-
I assume you refer to http://hudsonvalleyfood.wordpress.com/
re: hacked accounts and blogs
If anyone is posting anything to your blog or removing anything from it, or changing anything in it, or if your blog has been deleted and you did not delete it, then it’s most likely that you have provided them with the ability to do so, either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
For you the question that needs to be answered is: Who, aside from me, has access to my login information?
1. Go to your email program immediately and change the password to a very difficult one because that’s how many hackers gain access to blogs.
The recommendation is for one Admin per site with good reason. Nothing related to site-administration is off-limits for Administrators, including deleting the entire site. This is why we recommend having only one administrator per blog. https://en.support.wordpress.com/user-roles/#administrator See: Removing Users
https://en.support.wordpress.com/user-roles/#removing-users2. Immediately change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
You can also reset your password via your Settings tab on the WordPress.com home page:
http://wordpress.com/#!/settings/3. Read > http://en.support.wordpress.com/security/
Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
Use two step authentication http://en.support.wordpress.com/security/two-step-authentication/4. Run a security scan on your computer. See here to run a security scan http://geekflare.com/online-scan-website-security-vulnerabilities/
5. Never leave your computer logged into your blog and walk away from it. Always log out properly.
P.S. Staff have records of who did what under which username and login information and when they did it. This thread is tagged with modlook for a Staff follow-up. Please subscribe to it so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it. Note that there is a backlog and be patient while waiting.
-
Hi, and thank you for the quick response!
I’m actually referring to josephlbriggs.com/
NOT http://hudsonvalleyfood.wordpress.com/
I am reviewing all these potential steps and issues now.
Best,
Joseph -
Hi Joseph,
My WordPress Webste was hacked sometime in the last few months, perhaps when WordPress was hacked in February.
josephlbriggs.com is a self hosted WordPress.org site, not a WordPress.com site. There is information about the differences between the two in this guide:
We are only able to help with WordPress.com sites hosted on our own servers, so I’d recommend speaking to your hosting provider (Unified Layer). They should be able to advise you about the next steps and may be able to provide a backup of your site before it was hacked.
Best of luck getting this sorted.
- The topic ‘WordPress Website Site Hack Problems – Last few months’ is closed to new replies.
WordPress.com Forums 