Podcast Episode

Screen Shot 2011-12-05 at 10.45.25 AM

053 – My WordPress Site was Hacked!

You can now hear Your Website Engineer Podcast on Stitcher SmartRadio. The latest episode will always be available and you never have to sync or clutter up your devices hard drive with lots of podcasts. Available for all smart phones

Tools / Plugins

WP No Category Base

Use Hover.com for domain registration and use coupon code “HARTZLERDM” to save 10% on your order.

My WordPress Site was Hacked!

grep -r -H "eval(base64” *

Request a malware review from Google after you have removed all malicious code from your site.

Most Important Take Away from Episode

Change your WordPress from the default settings of admin and pass

    • Forrest Tanaka Reply

      Bad for you, but good for us to hear a first-hand experience getting a WP site hacked. I do some things to make sure my WP sites don

      Dec 7, 2011
      • Dustin Hartzler Reply

        You are welcome. After all the hassle I went through, I want to make sure no one else experiences the pain!

        Dec 14, 2011
    • Chad Warner Reply

      Just finished listening. Your experience reiterates the importance of keeping WordPress secure, something I’m continuing to research and put into practice. Thanks for referring to your previous episode on security.

      Dec 7, 2011
      • Dustin Hartzler Reply

        Glad I could help! Thanks for listening 🙂

        Dec 14, 2011
    • Danny M1 Reply


      Apr 10, 2012
    • Danny M1 Reply

      Great podcast!  One comment I don’t know how people can live without SSH access?  I frequently ssh to my site sometimes from my phone.  It is much easier to admin things over ssh vs logging into cpanel.  For example I had to backup my database prior to installing some things on my site.  I ran a script on my laptop and within 30secs I backed up my whole site over ssh.   I know there are WordPress plugins for this and you could backup via the dashboard, problem is like you I have multiple sites.  Whenever I run my backup script I just back all of them up, I would not want to login to multiple dashboards.
      On the Oh Crud moment you had that allowed you site to be hacked.  I once deleted my production database instead of my development one.  Oops!  Just accidently clicked the wrong line!

      Apr 10, 2012
      • dhartzler10 Reply

         @Danny M1 I’m still learning about SSH and I am finding it truly valuable.  Can you share what command you ran to back up your site via SSH?  I’m interested in learning that one 🙂

        Apr 11, 2012
        • Danny M1 Reply

           @dhartzler10 Thanks Dustin: Here is the command I use.  mysqldump -u[username] -p[password] –host=[dbserver] –all-databases | gzip > ~/database_`date +%m-%d-%Y-%H%M`.sql.gz
          Here is the link to my blog post: http://blogmadesimple.com/how-to-backup-database-via-ssh/
          This was the first post in my ssh series, I will post the how I do my backup next week.

          Apr 12, 2012

Leave a Reply