Godaddy WordPress HackedIts again now in September 2010, many of the wordpress based sites are hacked. Earlier during May 2010 many of the wordpress sites hosted on Godaddy are affected by malwares. This time, i am not sure whether the attack is towards Godaddy hosted sites or through out the PHP based sites. This post helps you guys to quickly fix your hacked web site back to normal, within minutes. Looks the attack doesn’t cause any direct impacts to your site but those who are visiting your site may get inflected by Trojan’s.

Today morning, when i opened by site suddenly my Anti-virus alarmed saying, “Trojan Detected” and it blocks my site from loading. My first guess, remembers me back to the month of May where many of the wordpress sites were hacked down. Just made a Google search and found that our friend from Blogtips.org had written a blog post about a similar attack on this September.

Okay, you don’t need to worry. Its simple to fix this issue. Just by restoring all the files from older backup recovers your site.

How To Fix ? (For Godaddy Users)

  • Go to Godaddy.com, enter login/password.
  • Click your domain name which appears in the center of the page.
  • Now the dashboard appears, select Hosting.
  • From the top menu select Content -> File Manager.
  • Check the last modified date/time of .php files, it all looks similar and it will be a recent date on which your site was hacked.
  • To make sure this is a similar attack, open any .php file and see the top. The file starts like below: (base64_decode is the call used to decode that hidden hack code) <?php /**/ eval(base64_decode(“…
  • Now you have to restore the files, Click History.
  • Click the Calendar icon and select a date before that hacked date.
  • Check the Tick Mark at the top.
  • Make sure the page size is set to 50 (to view all the hosted files in single page or if you have more files then you have to select them from the second page too).
  • Click the ‘Restore’ button and give OK.
  • It shows ‘Restoring’ and finally it completes.
  • Thats it. Your site recovered now.
  • Make sure you have cleaned the cache (if you use any cache plugins like hypercache/supercache).
  • For security reasons, you shall change your wordpress database password. See here and here for more info.

How To Fix ? (For non-godaddy users).

If you feel these restore steps are not clear, check Godaddy’s Help.

2017-10-09T20:56:46+00:00

About the Author:

I love-to-code, passionate-to-write, an upcoming author, and WordPress enthusiast. Here at BlashO, I mostly share WordPress tips. Connect with me @Twitter.

One Comment

  1. Todd Redfoot - Reply

    An exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy's Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.

    Go Daddy's Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.

    Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.

    If you suspect your site was impacted, please fill out our security submission form, located here – http://www.godaddy.com/securityissue.

    Thank you,
    Todd Redfoot
    Go Daddy Chief Information Security Officer

Leave A Comment