My BlackBerry and my Gmail account were ON FIRE Friday.
Users approached me with questions such as, "why would hackers create such attacks on their sites?"
To answer such a question, you might as well ask, "Why would a person do anything?" It's a question that you'll be pondering for a while, and then all of a sudden you'll resign yourself to the true answer, which just may be the simplest: "Because they can." And you'll find that the time you've taken pondering such an act would be better spent securing your system and preventing the exploitation of its vulnerabilities.
A lot of infected/affected users have used some of the suggestions that I posted here, but ultimately, even if you've gone through the suggested items, the attack not only gets into your WP core files...but also your database. You'll have to reinstall fresh.
That means you can do it, or hire some guy to do it.
1. First fix the permalink structure. You can do so by entering your admin area and choosing Settings, then Permalinks. Choose your preferred setting. Most of our users have either Day and Name or Month and Name. If I designed your site, I most likely chose Day and Name. Go to your Plugins page and note the plugins that you find necessary. Go to your Appearance tab and click Widgets. Save all of the information that is present in your text widgets in a text file or something.
2. You will have to export your content in WXR format (WordPress eXtended RSS). To do so, while you are still in your admin, choose Tools and then Export. I would also suggest that users attribute all content to ONE user. I say this because the hack is also listed, but not seen, as an administrator, and you don't want to take chances.

3. Once you've made sure that you have the WXR file, you'll want to back up your site's theme files and the images in your uploads folder. You can do so by FTP or by using whatever program your host uses for file transfer. I know that GoDaddy has a Java solution for this; Dreamhost uses a web application; and those that have cPanel (Bluehost, HostGator, etc.) can use File Manager. Check with your host. Get busy.
4. Confirm that you have what you needed to save. Next you have to delete all of your WordPress files and the WordPress database. If you used a one-click install, Fantastico, etc., then I suggest that you check with that first. There may be a one-click uninstall as well. Because the methods of uninstalling and installing WP can change from host to host, make sure that you follow THEIR instructions. Confirm deletion of files and database.
5. Reinstall WP with your preferred or host-suggested method. Make sure that you are using the latest stable release. Upload your uploads and theme folders. Set your permalinks. Add the latest version of your chosen plugins, paste in your widget stuff, and finally import your posts...and pray that the plugins still work with the latest WP setup.
At this point, you're like "phew! I'm glad this is over!" Well, you've just installed the latest WP and got rid of the hack. You still have some work to do to fortify your installation. We'll deal with that a little later.
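Before importing in step 5, it is worth confirming that the WXR file from step 2 really attributes everything to your ONE user. The script below is an added example, not part of the original post: it reads a WXR export and reports any author login or item creator other than the one you expect. The sample export and the logins `siteowner` and `hidden_admin` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample export (not from a real site).
# "hidden_admin" stands in for an account you did not create.
SAMPLE_WXR = """<rss version="2.0"
     xmlns:dc="http://purl.org/dc/elements/1.1/"
     xmlns:wp="http://wordpress.org/export/1.2/">
<channel>
  <wp:author><wp:author_login>siteowner</wp:author_login></wp:author>
  <wp:author><wp:author_login>hidden_admin</wp:author_login></wp:author>
  <item><title>Hello</title><dc:creator>siteowner</dc:creator>
        <wp:post_id>1</wp:post_id></item>
  <item><title>Sale</title><dc:creator><![CDATA[hidden_admin]]></dc:creator>
        <wp:post_id>2</wp:post_id></item>
</channel>
</rss>"""


def local(tag):
    """Drop the XML namespace so the check works across WXR versions."""
    return tag.rsplit("}", 1)[-1]


def audit_wxr(xml_text, expected_login):
    """Return (unexpected author logins, items not attributed to expected_login)."""
    root = ET.fromstring(xml_text)
    extra_authors, stray_items = set(), []
    for el in root.iter():
        name = local(el.tag)
        if name == "author_login":
            login = (el.text or "").strip()
            if login != expected_login:
                extra_authors.add(login)
        elif name == "item":
            # Collect the item's direct children by local name.
            fields = {local(c.tag): (c.text or "").strip() for c in el}
            if fields.get("creator") != expected_login:
                stray_items.append(
                    (fields.get("post_id"), fields.get("title"), fields.get("creator"))
                )
    return sorted(extra_authors), stray_items


if __name__ == "__main__":
    authors, items = audit_wxr(SAMPLE_WXR, "siteowner")
    print("unexpected authors:", authors)
    for post_id, title, creator in items:
        print(f"post {post_id} ({title!r}) attributed to {creator!r}")
```

To check your own export, read the file's text and pass it to `audit_wxr` along with your login; anything it reports should be reattributed and re-exported before you import.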



