Hacked Sites?

Last Update: December 10, 2018

Just curious, but we are told that the best way to safeguard one's site is to back it up regularly, which I agree.

However, let's say your site has been hacked and you don't realize this.

In the meantime, you do a complete backup.

Once the offending files are removed, through SiteSupport, or you do it some other way, won't restoring your backed-up files also bring down the original problem back to your site?

In such cases, how can you get rid of the offending files?

I was just thinking...

James




Join the Discussion
Write something…
Recent messages
Kyle Premium Plus Featured Comment
If you restore a website with bad files, then yes, the restoration process is going to be with the bad files.

Not sure how you can get "hacked". There is a lot of scare about this, but generally speaking this simply doesn't happen. We have SiteProtect and many things we do from our end to keep websites secure, including red flagging many plugins that have security holes to prevent the problem from even happening.
Reply
JamesJB Premium
Thank you for answering my question, Kyle.

Yes, there has been a lot of scare about hacking lately, which has left me rather wary of things.

I appreciate your assurance on this, and to be quite honest, I enjoy being safe rather than sorry.
Reply
MarionBlack Premium
I do my own backups regularly, James. That way I have a choice of which version to use. WA only keeps one backup which could have the corrupt files in it.

Install Wordfence security plugin and do regular scans. It will find any corrupt files for you and make it easier to repair or remove them.
Reply
jvranjes Premium
As I understand this is a free online service rather than a regular plugin. They do scans remotely and send a report. I do not like this, you never know how this may affect sites performance and what they are really doing. Is there a tool that would do this locally and when I want, just like WP-Optimize?
Reply
MarionBlack Premium
It's active on over 2 million (2,000,000) websites, Jovo. I trust it because it works.
Reply
JamesJB Premium
Thank you for your constructive feedback into my dilemma, Marion.

I had started doing more regular backups, following your sound advice, and I hope all will be well from that angle.

I've already installed Wordfence and have it running. So far so good, but if I encounter any issues, I might have to disturb you once more, if it's not too much of an inconvenience.
Reply
jvranjes Premium
I did a search and find this "It puts significant amount of load on your server. This could affect your site’s performance if you are on a shared hosting environment. It messes up with your WordPress data and stores a lot of information in your database."

I also asked Support and they say there is no need for such a heavy tool at WA hosting.
Reply
MarionBlack Premium
They also say there's no need for you to make backups but they only keep one backup of each website. There's no historical backups to fall back on. I don't trust them to take care of my production websites.
Reply
JamesJB Premium
I think it would be wise to play it safe, especially after weeks, months or even years of working on a particular site. The amount of damage, frustration, and utter despair would be beyond words should something go wrong.

Thank you once more, Marion...you're an angel :)
Reply
jvranjes Premium
Easy to agree, I do not trust them either, in particular because of my main site which was deleted once by one of them. And not everything was restored because of only one backup they keep.

In fact my question to them was if the plugin was allowed at all, because I know that some are not. But they did not answer the question.

But this tool is clearly heavy, this is my issue with it.
Reply
MarionBlack Premium
I agree with you Jovo. The plugin is heavy and WA doesn't permit automatic scans but I don't care about that. I'll keep using it anyway. Just as I'll keep doing my own backups.
Reply
merlynmac Premium
Yes...backing up bad files is a possibility. I would suggest keeping multiple backups and checking when you restore for the offending files.

I keep an eye on my defined users and also check for code added to pages, posts and media files just to make sure everything is as it should be.
Reply
JamesJB Premium
Thank you for your response...

Do you apply a particular procedure, or use a plugin perhaps, to check for added code to pages, posts and media files?

I mean, how would I know such code has been added in the first place?
Reply
merlynmac Premium
So I had discovered that my site would randomly redirect my visitors to another site. After doing some digging I discovered that a script was added to the last line of my posts and pages and to the description of my images.

I log into my site dashboard every now and then and just search for <scr in my posts to see if any new [removed] entries are there. It looks like one of my plugins was the cause of the security hole that allowed such things to happen in the first place. Make sure you keep your plugins and themes up to date at all times. Also use plugins with good reputations and installation base vs some small time guy who you don't know and can't really trust.

I use the Better Search Replace plugin to search for and remove the script in a single move if I find it. I only activate the plugin when I need it and deactivate it when I'm done.
Reply
JamesJB Premium
Some things go on with our websites that we're not even aware of, which can be quite frightening, to say the least. It's a good job you had discovered your site was randomly redirecting your visitors to some other site.

I'll have a look at my site's dashboard, and see if there are any <scr in my posts...just in case.

I've heard it said all too many times that plugins are a source of security problems, especially if these aren't updated regularly. I make it a point to always update mine, and even the theme itself, when there are updates available.

I've never heard of the Better Search Replace plugin before you mentioned it.

Thank you so much for helping me out. It's greatly appreciated.

Would it be a problem if I contact you again should I have any other issues?

James
Reply
merlynmac Premium
That Better Search and Replace program is great for removing a string or replacing links even across your entire site with the push of a button. I absolutely love it.

Feel free to reach out any time. If I can help I will.
Reply
JamesJB Premium
Thank you...I appreciate your kind offer.

James
Reply
merlynmac Premium
Any time
Reply
Sbibby880 Premium
I back up mine every few days just to be sure. I have my backups go to dropbox to be safe
Reply
ExpatMark Premium
Good point. Will be interesting to see some replies from everyone.

Mark
Reply
JamesJB Premium
This thing keeps hammering at the back of my head. It would be great if I stop wondering about this as it's not a very pleasant thought.
Reply
Top