George explained what the problems since the hijack:
- Unable to publish blog posts and pages; (a blank page appeared when he tried to publish)
- All the pages had been delete, or disappeared.
- Akismet was turned off… opening the floodgates to lots of unwanted casino and porn comment spam!
Previously, Bookninja was running an earlier version of WordPress – one that had a known exploit/vulnerability – so George quickly upgraded to the latest version. (This is all beside the point now).
George sorted out the comment spam and got Askimet back up and running.
The blank page after publishing took a while to figure out, but I got there in the end! (It was a rogue URL in the notification/ping-list).
With the mysteriously vanishing pages (as opposed to posts), my initial reaction was that they had been deleted from the database. I was about to break the bad news to George, but I thought I’d take a quick look at the database to make doubly-sure.
Low-and-behold, I found them! But something weird had happened… All the WordPress pages had been converted into blog posts! This caused an issue because the permalink structure was using “
?page_id=” querystring – which meant that all the page links would be broken.
I adapted the SQL to fit my needs:
UPDATE wp_posts SET post_type = "page" WHERE guid LIKE "%?page_id=%";
With that, Bookninja was back to normal… George has dubbed me “The Bookninja Messiah“! [Cue: Monty Python gag]
Now the hunt is on for the hijacker!