Hi, I use WordPress and someone hacked my website. The hacker added about 50 HTML files into the folder http://hackspc.com/wp-content/plugins/facebook-like/advancement/attachment/ that have backlinks to the website http://www.expert-lender.com/. I removed all the files and changed the FTP and root passwords, but after two days he hacked my website again and put a restriction in place so that I can't delete the files. The hacker added a file with different permissions to the directory, so that I can't delete it. See the image http://hackspc.com/wp-content/uploads/2012/07/hakirana-stranica-1.jpg. Now I can't delete files in the directory http://hackspc.com/wp-content/plugins/facebook-like. The main problem is that when I go to Webmaster Tools -> Traffic -> Internal links, I see a lot of internal links that point to hacked pages: http://hackspc.com/wp-content/uploads/2012/07/hakirana-stranica-5.jpg. In robots.txt (http://hackspc.com/robots.txt) I added this code:
    User-agent: *
    Disallow: /wp-admin/
    Disallow: /wp-includes/
    Disallow: /wp-content/plugins/
    Disallow: /wp-content/themes/
but Google still indexed those hacked pages. Can someone help me with how to fix that and how to protect my website?
Have you reviewed your access logs, and do you know the system "owner" of the files? A lot of the time hackers will hack the server, then from the root account on that server add files or replace files on the websites on the server, and since the hacker is root, the files they replace or add would only be able to be deleted by the root user. I would suggest trying to figure out first whether it was actually your blog that was hacked, or if it was the web server you're on and your website is just a victim of a hacked server.
What we do when we take in clients that have gotten hacked is we restore with original files and rebuild their site step by step to ensure it won't happen again, after we analyze the log files.
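A read-only triage pass for the situation described in this thread (files the site account cannot delete, HTML pages dropped under a plugin folder), as an added example that is not part of any post. It assumes a Linux host with `find`, and the wp-content path and expected owner account are values you supply.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. The wp-content path, the expected
# owner and the "plugins" subfolder layout are assumptions.

# audit_wp_content WP_CONTENT_DIR EXPECTED_OWNER
# Prints one tab-separated finding per line: <reason><TAB><path>
# EXPECTED_OWNER may be a user name or a numeric uid.
audit_wp_content() {
  # 1. Entries not owned by the account that normally owns the site files.
  #    Files created by another account (for example root) point at a
  #    server-level compromise rather than a WordPress-only one.
  find "$1" ! -user "$2" \
    -exec printf 'foreign-owner\t%s\n' {} + || true

  # 2. Directories whose owner write bit was cleared. Deleting a file needs
  #    write permission on its parent directory, not on the file itself.
  find "$1" -type d ! -perm -200 \
    -exec printf 'dir-not-writable\t%s\n' {} + || true

  # 3. Static HTML inside plugin folders. Plugins are mostly PHP/JS/CSS, so
  #    a batch of .html files there deserves a manual look.
  if [ -d "$1/plugins" ]; then
    find "$1/plugins" -type f \( -iname '*.html' -o -iname '*.htm' \) \
      -exec printf 'html-in-plugins\t%s\n' {} + || true
  fi
  return 0
}

# count_findings REASON: reads audit output on stdin, counts one reason.
count_findings() {
  awk -F '\t' -v r="$1" '$1 == r { n++ } END { print n + 0 }'
}

# Run against a real tree only when called with arguments, e.g.:
#   ./audit.sh /var/www/site/wp-content www-data
if [ "$#" -ge 2 ]; then
  audit_wp_content "$1" "$2"
fi
```

Findings are leads for manual review, not proof: a clean run does not show the site is free of backdoors.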
Tiffany's way of doing things is the only reasonable one. A backdoor can be a one-liner in a random file in your web directory - there is no 100% way of being sure your website is clean. About the Google links, I'm not sure how long you have been having the problem, but it takes a while for Google to take that stuff out of their logs.
You have to get to the root cause and plug the hole that made it happen. It could be an out-of-date WordPress, plugins, or a theme exploit (timthumb). Here's a huge DIY guide to securing and hardening your WP website if you can't hire someone to take care of this: http://www.jtpratt.com/how-to-fix-a-hacked-wordpress-blog/
You (jtpratt) are absolutely right. Most of the WP hacks occur due to outdated plugins or themes. Only use WP modules which have good user ratings/reviews.
Yes, really, it's a very good post and advice also... I need more information to protect the website. Also, are there any other ideas too?