Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Is my website hacked/infected

  • 07-02-2016 04:32PM
    #1
    faceman
    Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Social & Fun Moderators Posts: 16,681 CMod ✭✭✭✭


    Looking for some help please. Google stopped running an adword campaign as they said my website had become infected. My site is www.lowerthetone.com

    I ran an online site check via Norton and it says there are 22 computer threats.

    My site is a hosted customised Wordpress site.

    Any idea how I go about resolving and addressing this?


Comments

  • #2
    Blowfish
    Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    For resolving, best bet is to nuke and restore from backup.

    As for addressing it, it's the usual issue. Your Wordpress install, plus a bunch of plugins are out of date and vulnerable.


  • #3
    faceman
    Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Social & Fun Moderators Posts: 16,681 CMod ✭✭✭✭faceman


    Blowfish wrote: »
    For resolving, best bet is to nuke and restore from backup.

    As for addressing it, it's the usual issue. Your Wordpress install, plus a bunch of plugins are out of date and vulnerable.

    Next silly question. What's the easiest way for me to do this? :o


  • #4
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    faceman wrote: »
    Next silly question. What's the easiest way for me to do this? :o

    There is multiple Cross site scripting(XSS) vulnerabilities, remote file upload vulnerabilities and a remote code execution vulnerability. Its unsurprising you have been compromised.

    Who created / set up your website? They should have a backup to redeploy, but their next step must be to update all the plugins. If you need assistance, send me a PM.


  • #5
    mneylon
    Registered Users, Registered Users 2 Posts: 7,742 ✭✭✭mneylon


    If you have backups of both the files and the database you could restore from those and then upgrade / patch all the plugins etc.

    Some of the nastier hacks are rather hard to get rid of unless you do this.

    Blog | Tweets



  • #6
    faceman
    Moderators, Category Moderators, Arts Moderators, Entertainment Moderators, Social & Fun Moderators Posts: 16,681 CMod ✭✭✭✭faceman


    syklops wrote: »
    There is multiple Cross site scripting(XSS) vulnerabilities, remote file upload vulnerabilities and a remote code execution vulnerability. Its unsurprising you have been compromised.

    Who created / set up your website? They should have a backup to redeploy, but their next step must be to update all the plugins. If you need assistance, send me a PM.

    A friend of mine runs the hosting and I had a wordpress designer do the website itself.

    I think I got things back to normal. I installed a malware remover which removed the infections and then I installed Sucuri which is running now too. (Is Sucuri useful?)

    I don't know what any of the things you said mean but I would love to be able to fix them. :o

    Incidentally my disk space is using 471mb of my 500mb but there is no way I have that many files etc.

    Any help you can offer greatly appreciated! :)


  • Advertisement
Advertisement