Clean up a malware infected (currently disabled) website created in Wordpress
- or -
Post a project like this3430
$$
- Posted:
- Proposals: 11
- Remote
- #611599
- Awarded
IT Professional, Server Admin, Microsoft Certified - Mission - to satisfy my cleints
Wilmslow
255011186609320741403570495724554868565345590795726859796382302539
Description
Experience Level: Intermediate
Estimated project duration: As soon as possible - autumn/winter is a key time to have the site up for us
General information for the website: Class Association website for the Impala28 Class Association www.impala28.co.uk currently takes you to our facebook page
Description of every page/module: Site contains news about the Class
News about boats & championships
Tuning and maintenence guides
Forum - slightly superceeded by Facebook page
Boats for Sale
Constitution & Class Rules
Boat technical drawings
Committee details.
Description of requirements/features: We have been sent this email by our web host and require someone to sort the mess out and get us back on line. i.e. go through all the bits in the email and sort it out for us.
There may be a requirement for ongoing support or to train our own webmaster.
We are a small sports organisation. Despite us running what looks to be expensive toys, the Class Association has very little money to sort this issue out i.e. just because we have yachts, we're not rich.
EMAIL FROM HOST.
I have received the following email from our hosting supplier to advise that they have noticed unusual and malicious activity on your account, most likely to do with the website being a WordPress one given the recent well-documented security issues in relation to out-of-date coding / scripts. Can you please pass this onto your web developer to investigate and once we have a clean bill of health from them, we can respond to the ticket below.
Hi Neil,
Thanks for taking the time to read this ticket. This site has been disabled as it was found to have been compromised and has been used to distribute malicious software to users, likely without their knowledge or consent.
Typically, such sites are uploaded automatically by malicious scripts taking advantages of weaknesses in a site's code. Therefore, before we'll be able to re-enable this site, we'll need to know that the malicious site has been removed and that the original vulnerability has been removed. Therefore, you should now:-
- Backup your database
- Download a copy of your site, but keep it separate from your clean backups.
- Delete all files from your hosting package.
- Contact us so that we can confirm that all files have been removed and so that we can re-enable the site for you. This will also re-enable access to eXtend.
- Change any passwords relating to the site, including database, administration, FTP, and mailboxes
- Rebuild your site from the latest releases of your CMS, or upload a known clean backup and update all scripts to the latest releases. If your site is custom-built, you should review the HTTP logs and vulnerable source to identify the issue, and resolve it.
- Audit your site's security. Have you removed any installation files, checked directory permissions, removed any un-needed modules?
- Contact us to re-enable the site.
If you require any assistance, please ask - we can, for example, delete all files from your hosting package to avoid having to do this via FTP, and offer advice on security best practice to help keep your site secure in the future.
Extra services needed: Security, Other
Specific technologies required: Wordpress
Extra notes:
Description of every page/module: Site contains news about the Class
News about boats & championships
Tuning and maintenence guides
Forum - slightly superceeded by Facebook page
Boats for Sale
Constitution & Class Rules
Boat technical drawings
Committee details.
Description of requirements/features: We have been sent this email by our web host and require someone to sort the mess out and get us back on line. i.e. go through all the bits in the email and sort it out for us.
There may be a requirement for ongoing support or to train our own webmaster.
We are a small sports organisation. Despite us running what looks to be expensive toys, the Class Association has very little money to sort this issue out i.e. just because we have yachts, we're not rich.
EMAIL FROM HOST.
I have received the following email from our hosting supplier to advise that they have noticed unusual and malicious activity on your account, most likely to do with the website being a WordPress one given the recent well-documented security issues in relation to out-of-date coding / scripts. Can you please pass this onto your web developer to investigate and once we have a clean bill of health from them, we can respond to the ticket below.
Hi Neil,
Thanks for taking the time to read this ticket. This site has been disabled as it was found to have been compromised and has been used to distribute malicious software to users, likely without their knowledge or consent.
Typically, such sites are uploaded automatically by malicious scripts taking advantages of weaknesses in a site's code. Therefore, before we'll be able to re-enable this site, we'll need to know that the malicious site has been removed and that the original vulnerability has been removed. Therefore, you should now:-
- Backup your database
- Download a copy of your site, but keep it separate from your clean backups.
- Delete all files from your hosting package.
- Contact us so that we can confirm that all files have been removed and so that we can re-enable the site for you. This will also re-enable access to eXtend.
- Change any passwords relating to the site, including database, administration, FTP, and mailboxes
- Rebuild your site from the latest releases of your CMS, or upload a known clean backup and update all scripts to the latest releases. If your site is custom-built, you should review the HTTP logs and vulnerable source to identify the issue, and resolve it.
- Audit your site's security. Have you removed any installation files, checked directory permissions, removed any un-needed modules?
- Contact us to re-enable the site.
If you require any assistance, please ask - we can, for example, delete all files from your hosting package to avoid having to do this via FTP, and offer advice on security best practice to help keep your site secure in the future.
Extra services needed: Security, Other
Specific technologies required: Wordpress
Extra notes:
Jo L.
100% (2)Projects Completed
3
Freelancers worked with
3
Projects awarded
75%
Last project
29 Mar 2018
United Kingdom
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies