Wow!\u00a0 It’s been a week of WordPress hacking MySQL backups and google trawling.<\/p>\n
Late last week I was working on oscMax and getting along quite well when I went to write a blog entry and discovered that my blog pages had been converted to some islamic protest site.<\/p>\n
Now just to make one point clear I am indifferent to religion, whatever works for you is fine, just dont try to force me to follow you because you must be right!<\/p>\n
That said, this entry is about the crippling effect of a hack and links to what I read and used to rectify it.<\/p>\n
Things I did wrong:<\/p>\n
Things I had done right:<\/p>\n
So I firstly closed up the site, renamed the compromised directory and contacted my ISP support to check logs. Their logs rotate to quickly and one of the security team was over-zealous and ‘helpfully’ removed all the files that were compromised….\u00a0 without noting the date\/time stamps on the files for me to be sure of when the hack occurred. I had noted that the files I saw were consistent with only being in place within the previous 24 hours but as he did not keep a list I dont know what else(if any) he found and deleted.<\/p>\n
I’ll write up some separate blogs on the various topics I encountered on this week long journey elsewhere, for the moment these are the references that I have used this week that I found helpful. Most from WordPress codex: <\/p>\n
Have a read of this first (dont do anything, read & think first): WordPress FAQ My Site Was Hacked<\/a><\/p>\n Download the latest version of WP from WordPress Download<\/a><\/p>\n For multi-user equivalent do this after installing WP: Create A Network <\/a><\/p>\n When it does not work: Debugging a WordPress Network<\/a><\/p>\n Noting that I updated this section with one of my issues: Debugging a WordPress Network \u00ab Other Lesser Known Issues<\/a> <\/p>\n