Sorry to bother you, but yesterday I noticed that my website (www.rossgardens.co.uk) had been hacked. My homepage had been replaced with a big message informing me that it had been hacked (by T1G3R_TR4C3).
I contacted A Small Orange who host my site. They sent me the following message:
“I’ve fixed the ‘hacked page’ at rossgardens.co.uk
I noticed that both the /home/rossgard/public_html AND the /home/rossgard/public_html/wp WordPress installations are severely outdated and are the cause of the compromise.
To secure your account, we request that you apply all steps of the following checklist:
1. Check your account for any additional unfamiliar files and remove them.
2. Update all scripts (WordPress, Joomla! etc.) and their plugins to the latest secure versions.
3. Change your cPanel and your script admin passwords.
4. Ensure all computers used to access your accounts are frequently scanned for viruses and malware.
5. Uninstall any plugins, modules, or themes you are not using. Even if they are disabled the script resides on the server and can be exploited if there is a vulnerability.”
I’d much appreciate any advice regarding the following issues:
1. I presume this means I should look for unfamiliar files in my Dashboard?
2. I’ve updated my version of WordPress and updated active plugins
3. I will change my cPanel password. How do I change my script admin password?
4. I’ve checked that my laptop has no viruses or malware
5. I’ve uninstalled all inactive plugins. How do I know if I have inactive ‘modules or themes’?
I’ve also noticed that this page still states my page has been hacked: http://rossgardens.co.uk/wp/. Do you know why this is?
I have also just got the following message on my Dashboard and I’m not sure what I should do:
WP Super Cache Warning!
Your server is configured to show files and directories which may expose sensitive data such as login cookies to attackers in the cache directories. That has been fixed by adding a file named index.html to each directory. If you use PHP or legacy caching consider moving the location of the cache directory on the Advanced Settings page.
If you just installed WP Super Cache for the first time you can dismiss this message. Otherwise you should probably refresh the login cookies of all logged in WordPress users here by clicking the logout link below.
The logout link will log out all WordPress users on this site except you. Your authentication cookie will be updated but you will not be logged out.
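
One way to carry out step 1 of the host's checklist on the files in the hosting account, and to re-check what the WP Super Cache notice describes, as an added example that is not part of the original post or the host's message. It assumes the default WordPress paths `wp-content/uploads` and `wp-content/cache`; the function name `audit_tree` is hypothetical.

```python
import os
import sys
import time

# Assumed default WordPress layout; adjust if the site relocates these folders.
UPLOADS = os.path.join("wp-content", "uploads")
CACHE = os.path.join("wp-content", "cache")
SCRIPT_EXTS = (".php", ".phtml", ".php5", ".phar")


def _under(rel_dir, base):
    """True if rel_dir is base itself or a directory below it."""
    return rel_dir == base or rel_dir.startswith(base + os.sep)


def audit_tree(root, days=7, now=None):
    """Walk a WordPress install and return paths that deserve a manual look.

    php_in_uploads: script files under uploads, which normally holds media only
    recent:         files modified within `days` days of `now`
    cache_no_index: cache directories without the index.html the notice mentions
    """
    now = time.time() if now is None else now
    cutoff = now - days * 86400
    found = {"php_in_uploads": [], "recent": [], "cache_no_index": []}
    for dirpath, _dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        if _under(rel_dir, CACHE) and "index.html" not in filenames:
            found["cache_no_index"].append(rel_dir)
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if _under(rel_dir, UPLOADS) and name.lower().endswith(SCRIPT_EXTS):
                found["php_in_uploads"].append(rel)
            try:
                if os.lstat(full).st_mtime >= cutoff:
                    found["recent"].append(rel)
            except OSError:
                continue  # file vanished or is unreadable; skip it
    return {kind: sorted(paths) for kind, paths in found.items()}


if __name__ == "__main__":
    # Usage: python audit_wp.py <wordpress-root> [days]
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    days = int(sys.argv[2]) if len(sys.argv) > 2 else 7
    for kind, paths in audit_tree(root, days).items():
        for path in paths:
            print(f"{kind}\t{path}")
```

Run it once per installation, since the host's message names two (`public_html` and `public_html/wp`); every path it prints is a candidate for review, not proof of tampering.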