0

My WordPress has been working fine (it is updated), and then this morning I got a warning from Google about visiting my site. When I clicked on the details I got the message below. I went and disabled my comments altogether. Deleted plugins that I think might have caused it. I am unsure what else to do. I need help: what should I do now? Thank you for your time to hear my case!


What happened when Google visited this site? Of the 7 pages we tested on the site over the past 90 days, 7 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-03-07, and the last time suspicious content was found on this site was on 2012-03-07. Malicious software is hosted on 1 domain(s), including happynewyear.osa.pl/.

This site was hosted on 1 network(s) including AS29873 (BIZLAND).


  • An important tip for the future: Back up your database and your WP-content folder at least once per week! Just download it to your personal PC. If your WordPress gets hacked, you can easily restore your site then, without having essential losses, but being sure that nothing malicious should have been done. Change all Administrator passwords after restoring the site and check your Plugins/Themes and your installation for security vulnerabilities. – Blackbam Mar 07 '12 at 21:44

4 Answers

1

You need to be sure you completely clean your site to fix the hack, i.e. replace all core WP files and folders, check theme files for PHP code and links, etc. Replacing plugins and disabling comments is not enough.

Use http://sitecheck.sucuri.net/ and see "FAQ: My site was hacked « WordPress Codex", "How to completely clean your hacked wordpress installation", "How to find a backdoor in a hacked WordPress" and "Hardening WordPress « WordPress Codex", and tell your host. Change all passwords. Scan your own PC. You may need to consider changing web hosts, too, in order to find a more secure host.

markratledge
  • 17,322
  • 12
  • 60
  • 106
0
    // Remove pingback.ping from the XML-RPC methods WordPress exposes.
    add_filter( 'xmlrpc_methods', function( $methods ) {
        unset( $methods['pingback.ping'] );
        return $methods;
    } );

Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.

M Arfan
  • 4,384
  • 4
  • 29
  • 46
0

You will find many tips there about a WordPress hack, how to clean it, ...
Many Wordpress Tips After Hack
But you will get many different tips about it ... just try to do your best with this website and using Google is the best way to clean it.

ChapMic
  • 26,954
  • 1
  • 21
  • 20
0

The important thing to remember is that any and every PHP file and all of the stored procedures of the database are now contaminated and need to be deleted. If any passwords were stored in the clear (such as login passwords) you'll need to change them too.

Once you've wiped all of those, you'll need to install a fresh copy of WordPress - and let this be a lesson to you to keep your WordPress up-to-date and to have as few plugins as possible on your site.

SecurityMatt
  • 6,593
  • 1
  • 22
  • 28