WordPress is a great piece of software that works fine most of the time. But there are times when things stop working. Maybe WordPress can’t connect to the database as a result of the wordpress B4489 php hack Or maybe some files have been corrupted. Or your website is involved in a malicious hack.
The Fixing the wordpress B4489 php hack error message is relatively new and came about after wordpress version 3.3.1 was released. This is a rare problem and in some cases you may see this error message displayed on your website or not.
If this is the problem you are facing, unfortunately it’s not a simple fix. Most wordpress errors can be fixed by simply deleting a file from your WordPress installation directory or making simple amendments.
What causes this error?
This error is mostly displayed as a result of a hack or malware breach. It occurs when one of your PHP files are infected with malicious code. This code is normally injected into your wordpress installation through a brute force attack or via an email attachment.
Summary of how to fix this error.
Step 1: Backup the Site Files and Database
- Make a complete backup the full site. This will be the most thorough backup of your entire server. However, it might be quite large.
- Normally we suggest you use a WordPress backup plugin. However there’s a 95% chance you can’t login okay. If you can’t log into the site, the hackers may have compromised the database in which case, you may want to use a professional to resolve this.
Note about .htaccess file: Make a back up of your .htaccess file and download it. This is an invisible file, so you can only see it in the web host’s File Manager if you choose to show invisibles when you launch the File Manager. Rename this file to remove the period at the beginning, so you can see it on your computer, otherwise it will be invisible on your computer as well.
Step 2: Download and Examine the Backup Files
Once the site is backed up, download the backup to your computer, double-click the zip file to open it. You should see:
- All the WordPress Core files. You can download WordPress from WordPress.org and check out the files in the download and match them to your own. You won’t really need these files, but you may want them for your investigation into the hack later.
- The wp-config.php file. This is important as it contains the name, username, and password to your WordPress database which we will use in the restore process.
- .htaccess file. This will be invisible. The only way to know if you backed this up is to view your backup folder using an FTP program (like FileZilla) or code editing application (like Brackets) that lets you view invisible files (check the Show Hidden Files option) within the application’s interface.
- The wp-content folder. In the wp-content folder, you should see at least three folders: themes, uploads, and plugins. Look in these folders. Do you see your theme, plugins, and uploaded images? If so, then that’s a good sign you have a good backup of your site. This is typically the only mission-critical folder you need to restore your site (in addition to the database).
- The database. You should have an SQL file that is an export of your database. We are not going to delete the database in this process, but it’s good to have a backup.
Step 4: Scan files for infected malware/code
This is perhaps the most time consuming and difficult process in fixing your website. You need to look for suspicious code, these are pieces of script that aren’t normally there in your core wordpress installation files. At times the hacker may hide this code inside a file in non core wordpress files, as well as in plugins.
There are several places to start looking but the most common files are wp-config.php, .htaccess & wp-login.php . Also comb through the wp includes folder.
Depending on the skills of the developer, experience and tools at your disposal this process can take anywhere from 2-3 hours all the way to 5 days. Biggest time consumer is combing through your files to fix the issue.