wheel - 12:37 am on Jan 16, 2013 (gmt 0)
By backups I meant don't start with copies of the code that originated from the server. Because that could either have an injection or an exploit in it. Instead, start with a clean copy from somewhere. If you're running on wordpress,go get a new download right from wordpress.org.
A REMINDER OF BACKUPS PEOPLE! I posted this holy cow almost 8 years ago:
and I still use that setup today, just with bigger drives and some of the stuff now onto raided drives. With the price of drives and bandwidth, there's no excuse to not have a fancy setup like that sitting in your basement. It's saved my bacon a couple of times after getting hacked - I just go back snapshot by snapshot until I find the clean version, do a restore (which gets me live) and then I've got time to diagnose and fix the problem.
I've even had them come back and re-hack while we're figuring out what went on. But by that time I've got the clean copy handy and it's just a cut and paste.