I got hacked by some fool.
- Don’t use rewrite in .htaccess file. The hack left some changes to the .htaccess file. I cleaned it and left a basic .htaccess file in the root.
- a menu.php file is needed in the wp-admin directory. This hack also left changes to menu.php. I renamed it, but WordPress needs a menu.php file.
- reinstall 6.1 once I’m able to access app-admin. By now, I was able to access the admin panel. I immediately reinstalled WordPress 6.1 to get a relatively clean fresh install.
That should clean things up. To find clues on how to repair the hack I used my Error logs and, surprisingly, ChatGPT. At five in the morning, I sat in the dark and had a conversation with ChatGPT. Surprisingly, I had a conversation with the AI and it actually pointed me in the right directions and helped me figure out what needed to be done. The most egregious part of the hack were the REWRITE statements we found in the .htaccess file. The REWRITE commands allowed the menu.php file to be corrupted with whatever madness the hacker wanted to modify. That’s as far as they got.
I’m unhappy with the fact that some hacker screwed my WordPress install. Thankfully, not much had been damaged by the hack. This was a basically empty site anyway, because the site that was hacked was a replacement for another site that I’ve moved offline, so there wasn’t much to lose.
However, I’m very pleased to find that ChatGPT queries helped me find the errors in the install and find my way to a fresh install that I could trust. Honestly, it was like working with an unemotional co-worker. Chatting with the AI really assisted me.