Getting hacked is the worst nightmare anyone could have. And having been experienced it already is even more horrifying ! Yes you got me right, my website was hacked maybe a month since I moved to WordPress. Lucky that it wasn’t a large scale one, but still no body would like that. Lucky enough that my users,friends,colleagues didn’t get to know about it.(Even if they did, no body informed me for whatever reason maybe)
Anyways, after going through a bunch of articles, realized that this was kind of a common hack. What this hack did was, it replaced the 404 error page with a script that would do nonsense stuff instead of displaying the error.
First of all, finding this is a real hectic job. I as an experienced and *professional*
Then realized that every theme in WordPress has its own 404 page. One can look for it under Appearance -> Theme Editor / Editor.
Once you get here, you will immediately recognize that something is horribly wrong with the code. Until unless you are extremely newbie, you will definitely find something fishy. For all the newbies, if you find any suspicious links to other website, some erratic codes that are not at all related to your website’s functionality then there’s a problem.
Simply deleted the contents from this file. If you have the original files, replace the contents and voila, votre site est claire ! aka your website is clean !
But, if the hack is something else, the only option would be to backup all the contents, databases, themes etc basically the whole WordPress folder. Delete the directory and install a fresh copy of WordPress. Simply upgrading the package won’t do the job, as it only updates the WP files and hence may leave the infected files as it is.
So, as it is said, Person learns from his experiences. This was probably the most horrifying experience I’ve ever had. But nevertheless, another experience added to my mountain of experiences !
Feel free to contact in case of any queries !