Web hotel disabled site, malicious code

  • dweeb

    (@dweeb)


    7 years, 6 months ago

    I have made a website for an NGO of a friend.

    Today the site was taken off the air by the host provider. When asking about it, they say the site is hacked and needs to be fixed.

    Looked for info on hacked sites here. Seems that since I’m a beginner with php/coding, for me the best thing would be to just reinstall WP (?).
    I’m okay with that, my skills in finding and removing code are pretty non-existent. I can build and maintain a WP site, but nothing more demanding.

    I can get into C Panel and see the web hotel has changed the site name to something else, like a temporary address.

    SO: can I just install a new WP-site to the original address..? Or do I need them to do something?
    I have used Installatron for the earlier site, can I just do it again?
    And can I assume my database is intact, I even seem to have a copy of it…?

    Any help is appreciated!

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    7 years, 6 months ago

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter dweeb

    (@dweeb)

    7 years, 6 months ago

    If only I were a coffee drinker.. I’d’ve empited several pots by now…

    The guides you provided (thanks!) are about the same ones I tried to seek help from earlier.
    The problem is, I can’t do what the guides tell me to.. I don’t know how to to check where and what kind of malicious code there is. I don’t know what is supposed to look like what. I looked at files using the File Manager and tried to find what were the most recent ones.. but the info doesen’t tell me anything…
    I can’t use any plugins since I can’t get into the Dashboard and my skills at using FTP are very low.

    That’s why I thought installing (again) a new version of WP, new Theme and new plugins would be the thing I can do.

    I did take a backup of the files and also exported the database from phpMyadmin, buut that’s where my abilities end..
    Like the guide tells me to “If you have SSH access to your server…” aaaaa.. I don’t even know hat that is!? 😀

    So finding and cleaning the code seems to be beyond my capabilities..

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    7 years, 6 months ago

    You don’t need to look for malicious code. Replace *all* PHP files. Trust nothing. Get a fresh copy of WordPress, fresh copies of your plugins and themes. Clean up via FTP and upload the new plugins, themes, and WP via FTP. Then check the *one* file you keep, wp-config.php. Compare to wp-config-sample.php.

    Please read the guides carefully.

    Thread Starter dweeb

    (@dweeb)

    7 years, 6 months ago

    Willing to do the work, but sorry for repeating myself 😀

    “Replace all php-files” = how?
    Get a fresh copy opf WP/theme/copies = how? Since I can’t access the dashboard…
    Clean up via FTP = how…?

    I have now changed the admin/password for the site.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    7 years, 6 months ago

    Please contact your host to find out how to access your server via FTP. Most hosts have guides for that. Get a copy of filezilla (available for Windows, Mac, and Linux); it’s my favorite FTP client.

    Download WP, plugins, and themes directly from ww.wp.xz.cn.

    You might want to hire someone to do this for you. I recommend the folks from WordFence or Sucuri.

    Thread Starter dweeb

    (@dweeb)

    7 years, 6 months ago

    Thnx. I have used Filezilla before, I can try that.
    The thing is, they want me to be the hired hand for this 😀
    So I’ll try!

    Thanks for the help!

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Web hotel disabled site, malicious code’ is closed to new replies.