Dear Experts! My wordpress website is hacked by a group N30 and they have changed the admin passwords. I need your kind response to retrieve my website back. Regards
Looks like they have added a new index file (this doesnt looks like wordpress). Remove all the files via FTP. Install a fresh version of wordpress or upload the backup files (if you believe its safe). Change your FTP/cpanel password. Use latest version of Wordpress. Also inform your Host about this hack.
Yes, I have restored it now but I wanna know how it happened and what should I do to avoid this issue again.
Hi, I would start by reviewing your FTP login logs. If you are not sure what this is, then ask your host, "My site was hacked and I can you help me check my FTP logs to see if anyone has uploaded files other than me in the past week?"
What I do when I get hacked is I delete any untrustworthy plugins. Delete all unused themes from my theme directory and consider changing my theme to the default one until I'm sure I'm clean and not being re-infected. Then I check theses files for oddities: index.php wp-config.php wp-settings.php I check for and delete these files because they are malicious: /wp-admin/js/config.php /wp-admin/common.php feed_file.php feed-files.php udp.php /wp-content/uploads/r1.php /wp-content/uploads/lib.php /wp-content/uploads/am3.php /wp-content/uploads/create.php timthumb.php Then I check my .htaccess file to see if it was hacked. Then I check my wp-content/uploads/ directory and subdirectory for oddities I make sure all the blogs on my host are updated and repeat the process for any blog I suspect has been compromised... most of the time all blogs on a host will be compromised if one is... But it might be better to just delete all your wordpress files for each site and reupload them along with trustworthy plugins and themes. Hassle! Then after everything is restored I change my passwords to something temporary until I can prove that I'm not being hacked again.
most of such hacker change index.php or .htaccess files. Adbox posted some good steps about this. take regular backup of your wordpress blog.
Exactly same here. I was with Just Host, and had over 30 sites look like that one at one time. Been with Hostgator for years now without any troubles.