Forum Replies Created
-
AuthorPosts
-
AlyssonMember
Hi, Christoph. I didn't declare myself an expert, nor was I suggesting cleaning up those files alone was sufficient. My apologies if that's how my post comes across. I was merely trying to point people in the right direction to help them discover which files have been compromised, where to find them and that replacing them with originals from a freshly downloaded copy of Genesis would solve the most immediate issue - remedying the hack itself. I shared that information only to save them a bit of time. Getting to the bottom of how a site was hacked is, as you point out, an entirely different endeavor altogether.
There are obviously a number of other steps to take post-cleanup, including those you mentioned, when investigating how an attacker gained access to a site to begin with. However, my goal was not to post a start-to-finish tutorial. My goal was simply to let people know how to solve the most pressing issue, should a Sucuri scan indicate their site is infected with malware - which, as I said, is locating and fixing the hacked files and doing so as quickly as possible.
Thanks for taking time to point out that they shouldn't stop there. There certainly is more to be done than just remedying the hacked files, though that is obviously the most urgent matter and the topical basis of my original post.
AlyssonMemberJust as an FYI, I'm no noob. I'm more cognizant of the importance of securing WordPress installations than most and I use both Wordfence & iThemes Security Pro to lock down all of my Genesis sites... and the files were hacked anyway. Don't assume you're safe just because Genesis is historically secure and you tend to have your ducks in a row. No site is completely secure and even Genesis can be hacked, no matter how sure you are that you've got your sites locked down.
-
AuthorPosts