Jump to content

Cre8asiteforums

Web Site Design, Usability, SEO & Marketing Discussion and Support

send2paul

Host Support Instructions

Recommended Posts

Morning all :)

 

Generally the support from my host on things to so with my account is quite good. But just recently it seems like "the good" guys who I dealt with have left and I'm left with "newbies" who dip into generalisations and don't answer direct questions. Here's some concerning my Wordpress blog of which I'm having some potential issues with on the account:

 

Remove ALL third-party plugins/themes/templates/components after upgrading your software installations, and from those that are already upgraded under an infected user.

 

Soooooooooooo - does that mean I go to the "back up" Wordpress folders and manually delete all those old plug-ins and themes from there? And - can I just delete Wordpress back-up folders altogether?

 

I was also given a list of files that could have been hacked, they were all dump.txt files at this type of location -:

/home/username/blogname.com/wp-content/plugins/plugin-manager/dump.txt
My unanswered question was - Can I just go ahead and delete those files? Do I need these dump.txt files at all?

 

Appreciably this is not a Wordpress forum :) - but I do value people's judgements and advice here on Cre8asite far more than other place on the net!

 

Thanks peeps! :)

 

Paul

 

p.s. moderator types - please move this to a more appropriate forum if you think it doesn't belong here? :)

Share this post


Link to post
Share on other sites

No, you don't delete anything from backup folders. You delete the plugins from the actual plugins folder in the real wordpress installation folder. Just like they show in the example you quoted (except blogname.com is your blog's url).

 

Yes, you can delete the dump.txt files completely. No, you don't need them.

 

However, cleaning a hacked site isn't usually this simple. Just because you get rid of the hacked files, doesn't mean you've gotten rid of the access the hackers used to hack it to begin with, so they may simply rehack it. Resources:

 

http://codex.wordpress.org/FAQ_My_site_was_hacked

http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

Share this post


Link to post
Share on other sites

Thanks Donna :)

 

They did give me other things do, but they weren't so clear on those particular files. Having looked through them myself they just seemed to show actions that had been taken with plugin-ins, and NOT any kind of "malicious" coding activity, but as I'm not sure about "these things" - it was always best to ask :)

 

And I'm well on the way to changing passwords etc etc.

 

Thanks again!

 

Paul

Edited by send2paul

Share this post


Link to post
Share on other sites

p.s.whilst I'm here.... I've discovered a small text file which just has the following in it:

<?xml version="1.0" encoding="UTF-8"?><tree ><require_auth/></tree>
and a .php file called php-update.sh which contains:
<tree><require_auth/></tree>

 

The "update" one was modified on 12th Sept 2006, and the small text file was modified on 8th April 2011. Note the small text file is alarming called "hackedfiles.txt" . This time last year I had a HUGE problem with my account which I eventually resolved. I'm presuming this has something to do with that?

Share this post


Link to post
Share on other sites

No idea, sorry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×