Last week my site was hacked (www.climbkili.com). I have changed all passwords and did what my web builder recommend and he’s still stumped:
Here’s what he suggested:
” I spent quite a bit of time doing the following…
I installed a fresh directory of wp-includes (since it appeared many of the problems were happening in that directory)
I deleted the “admin” user… that’s generally a security hole to leave it there
I reconfigured some of the files in wp-config.php to make the site more secure
I fixed one mistake in the homepage template… probably unrelated but a bug nonetheless
I installed a plugin called “exploit scanner” and scoured the results for more malicious code
I checked all the normal spots in theme files for malicious code to be hiding
I checked all the pages on the site again
I checked the wp-content folder in the normal spots for them to hide stuff
The only thing I may have found is that after I had done all of that, I disabled all the plugins and the site didn’t seem to have any glitches. So we may have multiple issues here… it may have originally been malicious code that did something, and now maybe some plugins are conflicting with each other. I don’t think you still have any malicious code, and I implemented a few things to hopefully keep it from getting injected into the site again.
So I would do 1 of 2 things…
1. Disable all plugins and enable one at a time until you find some problems
2. Hire a professional to fix it… unfortunately this really isn’t my department. In the past when I’ve been hacked I’ve spent hours and hours trying to fix something and finally handed it over to a professional that had it fixed overnight.”
I need this fixed ASAP and would like to know how and what got hacked. All my content still seems to be there, I just can’t seem to restore it.
Thank you.
