Malware warning!!
- Started
- Last post
- 30 Responses
- boobs0
Yikes! That looks to be over my head entirely!
- vaxorcist0
Does anyone know if "update wordpress" will fix any of these things, or is a more drastic install-o-rama-all-over-again needed?
- ukit0
I don't see how update Wordpress fixes anything on its own. Your files have probably been injected with some Javascript code that is causing the issue, therefore the only way to fix it is to find and remove the code!
- Although I suppose reinstalling everything would work too, but its overkillukit
- vaxorcist0
hmm.... finding the bad code in the haystack of code is the hard part...
re-installing may be predictable..... but of course may have to check to see if any database tables contain evil code too?!?
- ukit0
There are apparently many different variations on these attacks, but the ones I've seen will append a couple lines of Javascript to only index.html, index.php, or header.* files, along with perhaps any JS files.
So that many narrow your search considerably. It's often the "main" site file itself that is causing the problem. Makes sense, right? In order to attach this code to every page, it needs to go in a file that is called on every page.
There are also many scripts out there that you can use to search your server - so you may want to Google that as well.
- Fuck Google!! Putting the fucking warning on my site. Who made them cop of the goddam internet?boobs
- boobs0
So, basically, in trying to delete the malware scripts, I somehow also instituted a query which deleted all my content in the wp_posts file. So, all my articles are gone.
It looks like I get to spend a substantial portion of tomorrow rebuilding the site from the various drafts I had made of the posts.
So, how do I ensure that the site itself, and all those zillions of files in Wordpress, and all the stuff in the database is free of the malware hack?
Also, I found a mysterious user on the user list! Someone I didn't authorize as a user--someone I don't even know.
So, I don't know what to do. Part of me is thinking of scrapping the whole thing, and just putting up a regular html site. This WordPress business seems like a fucking lot of hassle, with it getting hacked all the time!! But, WordPress does have some nice features, and it's supposed to be the greatest thing. So who knows...
Fucking hackers!!
- ukit0
Basically the only thing that will fix it -
1) Find and remove the offending scripts
2) Change your password(s) - all of them (Wordpress, database, FTP etc)At least some of these attacks are occurring because the hackers were able to nab peoples FTP login credentials and actually access your server. So switching from Wordpress to static HTML wouldn't do you a bit of good.
- Check, check, check. Plus I put a hex on them hackers!boobs
- boobs0
Fucking hackers!