-1

It's desperate times for me/us in trying to figure out what's going on. We have been hacked recently and lost our rankings/traffic due to google posting a message saying "This Website May Be Hacked". Ever since then, we've cleaned the files/scripts on our wordpress site with no use. We've installed a new version of wordpress and imported the theme files - again, without any luck. We are beyond frustrated as we don't have a clue as to where to look and this is costing us business.

Our setup is the following:

Centos OS Wordpress on 4.4 Cloudflare managing DNS Apache installed Mod_pagespeed installed

At this point, we have several scripts that are some how loading up in the site's footer and are clueless as to what's triggering them and think they might be the culprits that are causing us our ranking issues.

Can someone please chime in and let us know what you think?

please see the attached screenshot

scripts loading in footer image

Thank you in advance!

SamiSam
  • 1
  • You need to wipe the server and start from a clean backup. The screenshot you included looks perfectly legit - that's just how WordPress loads its JavaScript files. – ceejayoz Dec 22 '15 at 17:58

1 Answers1

5

There is only one solution:

enter image description here

Seriously, stop messing around with it and get it off the internet. Restore from backup, because I know you have fantastic ones. You will never "clean up" the infected server. Ever.

Wesley
  • 32,320
  • 9
  • 80
  • 116
  • @Iain Unashamedly. I thought no one would notice too much what with Christmas vacations and all... _shhhhh!_ :D – Wesley Dec 22 '15 at 18:28
  • I am clearly just jealous that I didn't think of doing it . – user9517 Dec 22 '15 at 18:31
  • it's easy to say rebuild the server but i have over 6 websites and they all get a lot of traffic.. only one site was hacked from what we're seeing (plus google search flagged us).. so we don't think this is affecting the other sites and since they are websites used for business, taking them down, meaning business will stop.. so I'm trying to figure out a way to i guess run them in parallel while we get something up and running.. As to the scripts, the same theme we're using is used with other sites and we do not see these scripts being loaded that way. – SamiSam Dec 23 '15 at 18:42
  • @SamiSam If the server and sites were properly backed up, and if recovery steps were adequate, it would be virtually no trouble at all to restore from backup. 5 minutes of downtime tops. Lesson learned: repeatable builds, fast recovery. – Wesley Dec 23 '15 at 18:46