Help! - Wordpress Conditional Hack

apps

#1

My wordpress blogs have been hacked with “wordpress conditional hack”. I found that term after some googling.

If you visit any page on chromestory.com on your browser, things will look normal. But if you fetch as googlebot, it shows different page with hacked content, links, keywords etc.

I had Dreamhost scan my code and delete some stuff. After that I suggested deleting wordpress completely and restoring things from mysql DB. I resubmitted some pages through google webmaster central.

I did that but this is happening again. I found the hack on the latest post I wrote.

Take a look here.

Can anyone here help please :frowning: I am in deep trouble here…


#2

Do your restore again (rename the domain.tld folder and create a new one to ensure a completely empty start).

After you do that, install only the theme you want to use and only the plugins you absolutely have to have.

If you have any other scripts in your account, the same applies for them as well.

You can lookup any exploits that might be pertinent to your installation here: http://secunia.com/advisories/search/?search=wordpress


#3

Hi,

Thanks for your reply. I did not follow the sequence you suggested, but deleted everything under domain.tld folder, removed the installation via control panel, and then re-installed…

was that correct procedure? (I am hoping that there were no hidden files… )


#4

I would install WP manually.