My hacked site pageApologies – the site was hacked recently, and I have only just resolved the issue. As always, impressed by the techie skills of the hacker, but disappointed by their application.

 

Details of the wp-hack (for anyone who cares):

Seems to have been attempting to masquerade as the commonly used wp-cache plugin files. Thing is, I don’t use that plugin! ;-)

Telltale odd files in the content directory.
– advanced-cache file looks like link but is a dubious symlink
– wp-cache-config file seems dubious
– dodgy additions to plugin directory (false wp-cache folder)
– hacked config file: removed false ‘WP-CACHE’ declaration near database name declaration line

– the only corrupted file in the theme was the index file thankfully, so a password reset was all that was left to regain site control

Following handy http://www.solostream.com/blog/tutorials/how-to-fix-your-wordpress-site-if-it-gets-hacked-part-one/ I was able to restore site functionality. I hope I have secured the site against a repeat, by changing passwords and strengthening permissions on the config file, but will need to make sure of this! Some help from http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/

Service resumed as normal! Bed time…