
WordPress

Andrea Swan
13,836 Points

WordPress Sites Hacked

I have had complaints from my hosting that:

Your account was suspended for sending spam. This may have been related to an unmaintained WordPress installation or plugin / theme, or someone guessed your email password.

You'll need to change your cPanel login password from the Service Details page in the Client Area and then log in to cPanel and change the passwords for every email account you have. Once you've done that, please make sure that all 3rd party software like WordPress, Drupal and Joomla are updated to the latest version as well as any installed themes and plugins. It is suggested that you disable and remove any plugins and themes you are not using.

Lastly, you will need to examine each and every .php file in your account to make sure it does not contain any malicious code. If you are unsure what to look for, you will need to hire someone to do this for you or just delete everything and upload clean copies of the software, plugins and themes you are using.

If you'd like your account reset to factory defaults, please reply and request that specifically.

I have done all the things above, but how can I be sure I have removed everything? Some of it I'm not even sure if I should remove. Has anyone had this happen?

2 Answers

Hi Andrea,

The wise thing to do here would be to roll back to a working and hack-free backup, if you have one, that is. This way you're sure that you haven't overlooked anything that could cause the site to go down again. The most important files to check would be your wp-config.php and functions.php, so make sure you check those.

To make sure this doesn't happen in the future, I suggest you keep WordPress and all plugins up to date at all times. As for backups, there are a lot of great plugins out there that back up your site (files and db) regularly. If a site goes down, you can clean the FTP and roll back to one of the backups, saving you a lot of time.

Andrea Swan
13,836 Points

Thanks for your advice. I used Wordfence on my main sites, so I was able to remove changes to the code quickly, and I am now notified of any attacks/access attempts and critical updates. I scanned the hacked site and manually checked the files you suggested. My sites are now secure and backed up. That's defo a lesson learnt for me! Keep everything updated and consider further security! :D
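The hosting provider's instruction to examine every .php file, and the answer's pointer to wp-config.php and functions.php, can be partly automated by comparing the live files against freshly downloaded clean copies. The Python below is an added example, not part of the original thread; the directory layout, the sample files and the pattern list are constructed assumptions, and a pattern hit only marks a file for manual reading.

```python
import hashlib, re, tempfile
from pathlib import Path

# Calls often used to hide injected PHP; a hit means "read this file", not proof.
SUSPICIOUS = re.compile(rb"\b(eval|assert|base64_decode|gzinflate|str_rot13)\s*\(", re.I)

def digest(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def audit(site_root, clean_root):
    """Compare every .php file under site_root with a clean reference tree."""
    site_root, clean_root = Path(site_root), Path(clean_root)
    report = {"modified": [], "unknown": [], "in_uploads": [], "suspicious": []}
    for php in sorted(site_root.rglob("*.php")):
        if not php.is_file():
            continue
        rel = php.relative_to(site_root).as_posix()
        clean = clean_root / rel
        if clean.is_file():
            if digest(php) == digest(clean):
                continue                      # identical to the clean copy
            report["modified"].append(rel)
        else:
            report["unknown"].append(rel)     # e.g. wp-config.php, or a stray file
        if rel.startswith("wp-content/uploads/"):
            report["in_uploads"].append(rel)  # uploads should hold media, not PHP
        if SUSPICIOUS.search(php.read_bytes()):
            report["suspicious"].append(rel)
    return report

def demo():
    """Audit a small constructed site against a constructed clean tree."""
    clean_files = {"index.php": b"<?php // loader",
                   "wp-content/themes/t/functions.php": b"<?php // theme setup"}
    site_files = dict(clean_files)
    site_files["wp-content/themes/t/functions.php"] += b"\n$x = base64_decode('Y29uc3RydWN0ZWQ=');"
    site_files["wp-config.php"] = b"<?php define('DB_NAME', 'example');"
    site_files["wp-content/uploads/2020/img.php"] = b"<?php // constructed stray file"
    with tempfile.TemporaryDirectory() as tmp:
        for root, files in (("site", site_files), ("clean", clean_files)):
            for rel, data in files.items():
                target = Path(tmp, root, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        return audit(Path(tmp, "site"), Path(tmp, "clean"))

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Files listed as unknown are not necessarily malicious (wp-config.php never ships in a clean download), so those are the ones to open and read by hand.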