- This topic has 1 reply, 2 voices, and was last updated 4 years, 10 months ago by Tom.
January 13, 2016 at 5:53 am #165543Mike
My website has been hacked, and the affected files are all GP ones:
./public_html/wp-content/plugins/gp-premium/addons/generate-page-header/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-spacing/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-blog/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-secondary-nav/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-hooks/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-backgrounds/functions/ie.php ./public_html/wp-content/plugins/gp-premium/addons/generate-ie/functions/functions.php ./public_html/wp-content/plugins/gp-premium/addons/generate-menu-plus/functions/import-export.php ./public_html/wordpress/wp-content/upgrade/wp/wp.php ./public_html/wp-content/themes/generatepress/inc/add-ons/typography.php ./public_html/wp-content/themes/generatepress/footer.php ./public_html/wp-content/plugins/gp-premium/addons/generate-typography/functions/customizer/get-fonts.php ./public_html/wp-content/plugins/gp-premium/addons/generate-typography/functions/functions.php ./public_html/wordpress/wp-content/upgrade/wp/wp.php
I’m planning to uninstall and reinstall GP, but have you heard of anything like this before? Any ideas/tips?
January 13, 2016 at 10:11 am #165590TomLead DeveloperLead Developer
- This topic was modified 4 years, 10 months ago by Mike. Reason: Clarity of formatting
I’m no expert on hacking, but I fixed quite a few hacked websites in my freelancing days.
The most common reasons for getting hacked:
* Out of date WordPress installation
* Out of date plugins and themes
* Shared hosting/server security (GoDaddy used to be awful, hopefully they’re better now)
The most common files that were changed:
* Active themes and plugins
So first, make sure everything is up to date.
Then, go into your server via FTP and sort your files by date modified. It’s possible that some nasty code was injected in other files as well, including the core themes (Twenty Fifteen etc..) and files like wp-config.php and .htaccess.
Re-install GP Premium and GeneratePress, and remove the nasty code from any other areas you can find.
Change all of your passwords – WP, hosting, FTP, even your database if you can.
If your username is “admin”, change it.
Install a plugin like Wordfence to add a little extra security to your site.
If it happens again – I would look at your server. Shared hosting is notorious for stuff like this, and some hosting companies don’t have the greatest security.
Sorry this happened to you – super frustrating. The above should help you get back to having a clean site and hopefully prevent it from happening in the future.
- You must be logged in to reply to this topic.