My wordpress blogs (6) of them on one hosting account has been hacked. GoDaddy has tried to help correct the issues, and left me hanging. the htacess files are changed, wp.config, and who knows what else. Hopefully this is the right thread to post, but I need an wp expert to go into the hosting and undo the mess. Any thoughts on where and about how much this might cost? Thanks
I don't know about godaddy ( if the services include backup files ) if it does than you got no problem, but if they don't than you might wanna cry contact them once again I can have a look if you want goodluck
Any clues why the htaccess files keep changing after I set them right? I delete them, reinstall them, then an hour later they are all changed?
Sounds like someone has access to your hosting account, you're going to need access to an SSH client and then do the following: Disable all FTP accounts once you confirm you have SSH access Install and use a root kit scanner suitable for your set-up Change all passwords (This includes mysql, control panel and all of it) Reset all WP passwords to strong passwords and e-mail your users new passwords Disable any Wordpress accounts which have higher access then they should have Update Wordpress to latest version Set all perms to 755 and check the ownership of files Don't forget that Wordpress will access and change the htaccess file if a hacked module has been installed or as a matter of course when you make changes to the permalinks or other system settings. I can help, I have many Wordpress sites, e-mail if you are interested in professional paid help. Paul.
If you want to migrate to a VPS for more control and a "clean" IP compared to who knows what you are sharing an IP with on GoDaddy, send me a message. I can make a $5 - 10 per month VPS run very efficiently.
Hey thanks all, for the advice and offers to help here. What I didn't like about the whole experience with Godaddy was day 1 I contacted them. They sold me on site security for each domain in that hosting at $4 each per month. Ok, then each rep offered advice step by step. What was so funny was they pointed out the obvious. First my htaccess was corrupted, ok the guy says delete the portion and that’s it. 1 hour later the malware rewrites all htaccess files on its own. Changed them back 20 times, it kept changing back. I go to my recently site security and it says all sites are fine, Godaddy says Oh, that’s because site security only scans the surface. Google finally blacklisted one of my sites that sits #1 for the keywords.....I spent 16 hour days for almost 2 weeks, eyes bugging out. I had the old version of timthumb.php which is known to be a vounerabiliyty, I updated them all. Ultimately I called the godaddy security team, I guess it is only available to those that subscribe to "site security" after three supposed fixes, and the fourth time was the charmer. He found two other files we hadn't found before, I don't remember exactly what they were, but I deleted them. Throughout this ordeal I must have changed all the ftp , database and Wp passwords 3-4 times! The moral to my story is first. Be careful about where you get your WP Themes. 2. Same thing with plugins. 3. Update, Update, Update... Again, kudos to you guys for the support!
Run a virus scan because a lot of viruses look / sniff for FTP passwords since FTP is a clear text, non-encrypted protocol.