So as some have noted, my site started to appear under Google’s phishing warning. It was worse than that. It had been fully compromised and was used to send out spam emails. Needless to say, there was a bit to learn from all this after taking almost two weeks to clean everything up.
First, when wiping out all code and replacing, make sure it’s the latest. Apparently I had an older version (2.x !!!) lying around that I got confused with being a recent version. The main folder had a June 2016 date so I had figured it was the updated version.
Second, be persistent. Sometimes this info left behind by attackers can be deep in a variety of files so it may take time or you may need to do a full wipe of code (which I had to do). I was able to recover the posts and am slowly re-associating pictures to posts but otherwise.. Just don’t give up.
Third, take the time to do backups, ensure that a site is at the latest and invest in some decent security WordPress plugins (specifically when using WordPress). I ended up paying for WordFence, a pretty impressive security scan, detection and repair tool/plugin all in one.
Lastly, even if you end up like me where things get busy, never stop checking your site and never stop ensuring it’s kept up-to-date. Get rid of older copies of the WordPress updates so that you don’t do the same mistake as I did and accidentally update with an older version.
Anyways, now that things have calmed down a bit I’ll hopefully be able to update the site on a more somewhat regular basis. Lots of good stuff coming up over the next few months, including my sessions being acceptable for BOTH VMworlds (YAY me!!)