Website Attack


Supporting Member
Hi folks,

I have just found out that our band website has been compromised by exploits. I'm afraid that, despite once having been webmaster, I do not like or have much to do with our site except to update it occasionally. It is a wordpress based site and I've never been keen on it. However, Google provided information about repairing/rebuilding the site but I do not understand the answer. I have downloaded iScanner but have no idea how to make it work.

Can anyone please help?


The iScanner software seems to be for server admininstrators, rather than hosting customers, and I suspect you're not the server admin. If you have a backup of your site from before the infection, you're almost certainly better off installing a fresh copy of the current version of Wordpress and restoring the database and attachments from the backup (having checked them for viruses separately, of course). The infection may well have targeted something like the footer code in your theme files, so you'd be looking to get a fresh copy of the theme, as well.

If you don't have a backup, your hosting company may have. You should certainly be informing them of your trouble anyway, as others on the same server may be affected, and they may need to investigate a security breach. You'd be wise to check your own computer thoroughly for infections, and to change your passwords, particularly for FTP, afterwards.

Looking ion the bright side - if you didn't like the old site, here's your chance to build a better one from scratch!


All popular open source Content Mangement Systems have components and plugins from unrelated developers (unless you use the absolute minumum core product) All professionals know hacking can happen and is almost unavoidable. Components and CMS systems are continuosly being hacked and upgrades released. Joomla 3.0 is good in this respect in that all components are checked for latest version when you login to the Admin panel.
This forum uses a very popular open source forum package - make a google search for vBulletin exploit and you'll find lessons on youtube how to hack it and links to scripts to help do it. The developer team know this and release continuous updates to hold back the hackers.
It is essential to check for patches for all open source packages almost daily - a big commitment for a hobby website.


another good open source CMS is e107 ( Its constantly updated by the developers against security flaws an has a good and helpful community. They all have their weaknesses unfortunately :(

good luck with it


Supporting Member
Thanks all for your help. Our real, current web boys have sorted the problem out. I'm glad I'm retired from this kind of thing now. I find it more and more difficult to keep up!