Hello,
Please check if all the files and folders have the correct permissions it should be 644 and 755 respectively. Also, disable the plugins and check once if you can login to wp-admin.
Also. can you see any suspicious files in your document root? and check htaccess file as well if there is any deny code present.
Login is not the problem, i can.
But calling wp-admin/update-core.php e.g. is an issue 🙁
Also i cannot upload plugins via backend etc
thanks for your post.
644 –> files
755 –> folders
are set
#BEGIN WordPress
RewriteEngine On
RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
#END WordPress
-
This reply was modified 2 years, 3 months ago by
dakine77.
What about replacing all the WordPress files, plugins and themes with a fresh one ? Then you change all your credentials and install anti-malware plugin.
i made it to upload an anti-malware plugin.. now a second.. there are no issues.
:-/
all other plugins are all deactivated
would like to avoid complete new install
In fact what I fear is that some php files have been modified by the hacker. And this serves as a backdoor for him to enter.
Carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.
thanks for your feedbacks!
i´ll go through step by step
