First I thought it was a false alarm but when i reached home, I couldn't access to my site. My own avast was blocking all the infection. So I figured something had wrong. It was my first time hosting a site, and I didn't wanted Google to show my site as unsecured.
I was using wordpress 3.0.1 with "erudite" theme. no other plugins.
I don't want google or other search engine to ban my site from search results, So here are some (desperate) steps that I took:-
- Backup of Data:- I used my website admin tools to get access to my wordpress database and then exported all the data to my computer. after all its your work and it shouldn't be wasted. My site provides an easy way to export the database using "PhpMyadmin". phpmyadmin has an export option that can be use to export your data to a text file. This backup is very usualful if you need to change wordpress database name. In most cases it wouldn't be necessary though.
- Change FTP password : I guess hackers some how accessed my ftp password, or used sql-injection techniques to transfer the infected code to my index.php file. Any ways I changed my ftp password to a secure and hard to crack one.
- Deleted WordPress:- Then I deleted all word press files. (Yeah its better to delete it and then install a fresh one, rather then cure the infected file yourself. You can remove 'Extra Melicious code' from your webpages,but i guess wiping is better ;) )
- Note for users:- Created a html page in my site saying that my site is undergoing maintenance.It is great for your traffic, otherwise people may go like "WTH, this site was working yesterday".
- Upload the original installation: If you have original installation of wordpress in your computer , you can upload them back and get your site to its original state easily.
- Access modification : Change file permissions on your site so only you can write them.
1 comment:
i found this topic helpful and interesting ...!!
Post a Comment