WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [closed] Better WP Security HACKED! (12 posts)

  1. SuperFlies
    Member
    Posted 1 year ago #

    Hi there,

    I installed this plug-in because of all the rave reviews. It seemed to be going well. I enabled the 'Hide Backend Admin Login' option and... all the sites got hacked. ALL! The sites are up and running, but when I go to log into the admin URL I set using the stupid plugin... it's hacked. NO ACCESS! How do I fix this!

    Any suggestions as to what I can do? I mean, seriously. This has me pretty ticked off.

    Please advise.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. The Hack Repair Guy
    Member
    Posted 1 year ago #

    Seems unlikely the plugin hacked your site. Though security plugins can conflict with other plugins, etc. It's quite common actually and easily remedied.

    I would next log in via FTP or File Manager and for the moment delete that particular plugin directory.

    I would not give up hope on this plugin either. It's quite beneficial once you figure out how to set it up appropriately for your site.

  3. SuperFlies
    Member
    Posted 1 year ago #

    I know the plugin didn't hack the site. The hackers who hacked the plugin did.

    These same hackers hacked the site without the plugin. Now after 2 months of seemingly smooth sailing, the same hackers came back and hacked the Better WP Security plugin and now I don't have access to the backend.

  4. The Hack Repair Guy
    Member
    Posted 1 year ago #

    I would next log in via FTP or File Manager and for the moment delete that particular plugin directory.

    Did you try the above yet?

  5. SuperFlies
    Member
    Posted 1 year ago #

    Yep. No luck...

    I can visit the standard wp-admin.php login, but it won't accept my user info. I then also visit the security URL as suggested by the Better WP Security plugin and that is where I am hacked.

    http://geoforceenergy.com/thering

    Enjoy...

  6. The Hack Repair Guy
    Member
    Posted 1 year ago #

    The type of hack on your site atm is almost always done through a stolen FTP password (in my experience).

    That said, your best course of action is first contact your host and get them to recover your website from backup. Once you have a clean copy in place then run (don't walk) in making sure all your stuff is updated, all user/passwords changed, etc.

  7. SuperFlies
    Member
    Posted 1 year ago #

    Seriously? So, that's it? It's not the plugin it's via FTP?

  8. The Hack Repair Guy
    Member
    Posted 1 year ago #

    Without actually logging in and looking at logs I would say it's more likely a password issue than a plugin issue.

    (no manner of security plugin will stop a hacker if hacker figures out your password)

  9. SuperFlies
    Member
    Posted 1 year ago #

    How much do you charge to log in and take a look?

  10. I'm sorry to hear this. As I've stated in many places no plugin can protect from everything. There are simply too many vectors. If ya'll do figure out how they got in I would be curious to know so that I might be able to add protection for this vulnerability to help future users.

  11. gatorfantom
    Member
    Posted 1 year ago #

    @SuperFiles: Would you mind sharing if and how you were able to resolve this? (Your site looks accessible, though none of the images are loading for me.)

  12. esmi
    Forum Moderator
    Posted 1 year ago #

    Please try http://directory.codepoet.com/

    This topic has now been closed as per the Forum Rules

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic