1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

My website has been hacked, how to repair it?

Discussion in 'Databases' started by patrick0001, Jul 14, 2011.

  1. #1
    My website http://88design.org/ has been hacked, the hacker inserted malware to my database. My database is store in .gz format, what is the tool to open and way to repair .gz file?
    SEMrush
     
    patrick0001, Jul 14, 2011 IP
    SEMrush
  2. j32olger

    j32olger Peon

    Messages:
    7
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #2
    .gz would appear to be gzip files. Go here to get a tool for your OS
    www.gzip.org
    HTML:
    . Although I suspect you'll need something else to view the extracted database files
     
    j32olger, Jul 14, 2011 IP
  3. wptheme

    wptheme Well-Known Member

    Messages:
    4,052
    Likes Received:
    346
    Best Answers:
    0
    Trophy Points:
    180
    #3
    You could easily just recover from your backup instead of fixing the injected database.
     
    wptheme, Jul 14, 2011 IP
  4. coder0403

    coder0403 Peon

    Messages:
    44
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    try to check the source code too, hacker can put their backdoor to your source code
     
    coder0403, Jul 14, 2011 IP
  5. patrick0001

    patrick0001 Member

    Messages:
    340
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    28
    #5
    I really not understand, how those hacker can be so easy to injected malware database. This is my first time setup wordpress, I never backup it.....I think i have to resetup the entire site. By the way, does anyone found a software or tool to repair database? repair database is painful process.
     
    patrick0001, Jul 15, 2011 IP
  6. ProxyFreak

    ProxyFreak Peon

    Messages:
    57
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #6
    When you state repair, are you saying it is corrupted or just to get all of the malware out?

    There are many ways to fix a database, but need to now more than what you are providing.
     
    Last edited: Jul 15, 2011
    ProxyFreak, Jul 15, 2011 IP
  7. patrick0001

    patrick0001 Member

    Messages:
    340
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    28
    #7
    I need to get all of the malware out, is it hardly to trace which are the part impacted?
     
    patrick0001, Jul 16, 2011 IP
  8. mmerlinn

    mmerlinn Notable Member

    Messages:
    2,415
    Likes Received:
    353
    Best Answers:
    6
    Trophy Points:
    290
    #8
    All you need to do is to upload your backup website files. Since it was impossible for the hacker to destroy your backups, they are ready to go. You should be able to upload them in a few minutes and have all problems solved except the one about HOW the hacker managed to hack the site in the first place.

    If anyone ever hacks my site, I can have all 5000+ pages uploaded and working in less than 4 hours on a dialup. You should be able to do yours in less than 5 minutes.
     
    mmerlinn, Aug 9, 2011 IP
  9. Andre91

    Andre91 Peon

    Messages:
    197
    Likes Received:
    1
    Best Answers:
    1
    Trophy Points:
    0
    #9
    Mmerlin, I like you sig, but there also exist careless readers too.
    He said he doesn't have a backup.


    Lol, just kiddin :D
    Op if you're on shared hosting I'm definitely sure that there is a backup.
     
    Andre91, Aug 9, 2011 IP
  10. mmerlinn

    mmerlinn Notable Member

    Messages:
    2,415
    Likes Received:
    353
    Best Answers:
    6
    Trophy Points:
    290
    #10
    I quoted his problem EXACTLY as he stated it. It is not my fault his problem is something other than what he stated. Yes, I read all the posts before answering, but chose to answer his ORIGINAL question as originally stated.

    I did this MAINLY to point out that anyone that has no backups needs to learn to backup EVERYTHING one or more times. I have hundreds of backups of computer code (HTML, Basic, FoxPro, Machine, Assembly, Javascript, etc) should anything happen to the current code. I may lose a little information, but I will never lose all. I learned this the hard way years ago. One time I totally lost my current code and the four previous backups. Fortunately, I had one more older backup, so was able to recover over 95% of my code.
     
    mmerlinn, Aug 13, 2011 IP
  11. patrick0001

    patrick0001 Member

    Messages:
    340
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    28
    #11
    Thanks for all replied, I have temporary shut down my site. I will rebuild a brand new site, future I will create a backup copy.

    I am very appreaciate those member promt me to offer help, either free help or service charge help. By the way, does you are have wordpress security issue? recently I just heard lot of negative news from wordpress. I like wordpress feature, but also worry on security part.
     
    patrick0001, Aug 14, 2011 IP
  12. Rukbat

    Rukbat Well-Known Member

    Messages:
    2,908
    Likes Received:
    37
    Best Answers:
    51
    Trophy Points:
    125
    #12
    Wordpress is popular, so a lot of hackers try to hack it. Every time someone does, a new version comes out very quickly with that security hole patched.

    If you use a popular program, it gets hacked. If you want one that almost no one will waste time trying to hack you have to write it yourself. (That's why Windows gets hacked so often, but Mac OS doesn't.)
     
    Rukbat, Aug 24, 2011 IP
  13. patrick0001

    patrick0001 Member

    Messages:
    340
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    28
    #13
    Do you think those open source code is easier to get hack? why the same thing does not happen to drupal and joomla? is it they less popular?
     
    patrick0001, Aug 25, 2011 IP
  14. Rukbat

    Rukbat Well-Known Member

    Messages:
    2,908
    Likes Received:
    37
    Best Answers:
    51
    Trophy Points:
    125
    #14
    Wordpress is one particular program. Joomla and Drupal are libraries you can use to write websites. It's no easier to hack into a site that uses Joomla or Drupal than to hack into one that was written by hand. So there's no "popular Joomla site", because each site that uses Joomla is different. Wordpress sites all use the same program - Wordpress.

    It's like the difference between a bucket of words and a book. Libraries are just buckets of words - you can put them in any order you want.
     
    Rukbat, Aug 26, 2011 IP
  15. AliceWonder

    AliceWonder Peon

    Messages:
    41
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #15
    Wordpress gets hacked because there are a lot of poor programming practices that go into wordpress and the various modules written for it.

    For example, a web server should NEVER have write permission to a directory it serves. That's standard security 101.
    Wordpress developers seem to ignore that.

    Secondly, administrative login should NEVER be allowed over a non secure connection. Any administrative login should be done over https and administrative sessions should also be over https. Many user accounts are hacked by session theft, especially with the popularity of open wireless networks. If your login and session is over standard http, anyone on your subnet can read your cookie and steal your session ID. Yet every single WP site I have ever worked with has ignored this and does login / standard administration over standard http. If you really can't afford a signed SSL cert, then self sign one, it's better than nothing.

    As far as why Windows gets hacked so often, I'm a Linux advocate but the vast majority of recent cases I know of where a windows box was hacked, it was usually the result of poor system administration skills. Too many people out there who do not really know what they are doing, or maybe they do but are lazy.
     
    AliceWonder, Sep 1, 2011 IP
  16. lead2play

    lead2play Well-Known Member

    Messages:
    1,093
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    110
    #16
    But backup may not contain latest changes of the site :(
     
    lead2play, Sep 2, 2011 IP
  17. Rukbat

    Rukbat Well-Known Member

    Messages:
    2,908
    Likes Received:
    37
    Best Answers:
    51
    Trophy Points:
    125
    #17
    @AliceWonder:
    All true. But WordPress isn't GM's bank account. If a WP site is properly backed up, a hack is 10 minutes of annoyance. Anyone using WP for mission-critical or financial-critical data is someone who leaves a full wallet on a park bench in a foreign city - and expects someone to fly over to return it.

    @lead2play:
    That's up to the site owner, but less than daily backups are foolish.

    Bottom line? You set your security as low as a) you need it to be, b) you can afford it to be and c) your paranoia allows you to. One size definitely doesn't fit all.
     
    Rukbat, Sep 2, 2011 IP
  18. MoWarez

    MoWarez Member

    Messages:
    39
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    43
    #18

    First of all it has nothing to do with coding, 2end of all any site is vnul to a hacker depends on hackers intentions and interest. 9 out of 10 times hacker will target specific site for few reasons.

    1. For personal Gain
    2. For revenge
    3. To put drive by on your site.
    4. To put iframe on your site.
    5. You were just unlucky to be picked up by google spider when specific exploit has been published.


    Thats why its always best to remove version you running on site as most exploits are written for specific version of the forum/blog if you remove version you using hacker will have loads harder time to get in to your server.


    Main things you need to watch out for is phishers ( you can gogole up what that means it's most common ways of hacking admins that don't know about it )


    I have had a look at your server very breafly and only thing I found was TRACE method is enabled and what that means is this. "Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data. "

    Easy fix
    Disable TRACE Method on the web server.



    I have not had deeper look on your server to tell you all the issues you have there. But if you like some more info about securing your server send me a PM and I will send you over my forum link where you can learn about server side security or web based security. After all that's what me and my team specialize.

    Good luck with your website.
     
    MoWarez, Sep 14, 2011 IP
  19. xorred

    xorred Greenhorn

    Messages:
    5
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    11
    #19
    I've used this service - http://nopasara.com/hacked-website-repair/ - cost a couple hundred bucks but now they protect all my websites, so... do the math. Rock-solid and happy as a dog now.
     
    xorred, Oct 7, 2013 IP
  20. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,630
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #20
    Normally, I would agree that running logins (admin) over non-secure locations is bad, but this is a WP-site. Running the admin-login (or any login, since most logins to the admin part is exactly that - admins) over https seem to me to be something a bit of overkill. The better suggestion would be to not do this via open-wifi or similar - I'm assuming now that your home and work/student network is secure to some extent.

    However - WordPress as a basis is quite secure enough - the problem is that it's not made for security - as others have stated, write-access (but then again, almost all webservers gives PHP or other running services write-access to the webroot, simply because there are so many things that often needs to be written to a webserver), and non-secure logins, but the worst bit is all the different plugins. WordPress itself has a relatively competent developer suite running it, while plugins are often coded by one person, and therefore might not be up to scratch on security at all. If you don't personally go in and check every plugin you're running (the actual code), etc. you might leave your site open for attacks.

    However - the OP states his database has been hacked - that might not have anything to do with WordPress at all. Is he running an old version of PHPMyAdmin, perhaps? Is there security holes in the code (not WP necessarily)? Is the webserver and mysql updated? There are a lot of different attack vectors available, and there are quite a lot of ready-made tools one can use to check for possible exploits.
     
    PoPSiCLe, Feb 14, 2014 IP