Did your WordPress Site get hacked is a good pointer to fixing things. It is pretty insidious what can happened:
- Upgrade your WordPress installation to the latest
- Change your passwords on your site as they could have gotten in as administrators.
- Change your FTP passwords.
- Look at the permissions to see if they’ve been modified. You want 644 mainly.
- Look through the databases to see if there are hidden plugins and users
Here is the new list
- The simplest way is hiding their code in your php scripts. If your blog directory and files are writable by the webserver then a hacker has free reign to plant their code anywhere they like. wp-blog-header.php seems to be one place.
- Make sure there are no backdoors or malicious code left on your system. This will be in the form of scripts left by the hacker, or modifications to existing files. Check your theme files too.
- Edit your wp-config.php and change or create the SECRET_KEY definition. It should look like this, but do not use the same key or it won’t be very secret, will it? define(‘SECRET_KEY’, ‘1234567890′ );