You've Been Hacked, Now What? Getting WordPress Up and Running Again
-
Upload
jeremy-green -
Category
Technology
-
view
257 -
download
1
Transcript of You've Been Hacked, Now What? Getting WordPress Up and Running Again
You’ve Been Hacked. Now What?Getting WordPress Up and Running Again
Jeremy Green
@greenhornet79 endocreative.com
[photo of freaked out]
Where Do I Begin?
1. Backup Hacked Site Files
• Site files
• Database
2. Got Shared Hosting?
your site infected site
infection
server
3. Update FTP and MySQL Passwords
Option #1 Restore From a Backup
Manual Method
1. Drop infected database tables
2. Import Clean Database Tables
3. Delete Infected Site Files
4. Upload Clean Site Files
5. Enter URL and Database Settings
Using BackupBuddy
1. Find Backup and ImportBuddy Files
2. Upload Files to Your Server
3. Navigate to ImportBuddy URL
4. Choose Backup File
5. Enter URL and Database Settings
5. Enter URL and Database Settings
That’s great, but…
I don’t have a backup…
I don’t have a backup…
Option #2 Start From Scratch
1. Download Everything Fresh
WordPress
Plugins
Theme
2. Delete WP files on Your Server
3. Upload Fresh Files
4. Move Uploads Folder
5. Go to yoursite.com
6. Update WP Admin Passwords
5. Enter URL and Database Settings
That’s great, but…
I have a custom theme/plugin/etc…
Check Theme Files for Backdoors
• eval()
• base64()
• <iframe>
Check Theme Files for Backdoors
Sort Files by Date Modified
Check for Suspicious Files
5. Enter URL and Database Settings
That’s great, but…
Hire a professional.
Jeremy Green
@greenhornet79 endocreative.com