Here’s a list of sites that have been hacked and are suffering this same dilemma.
http://www.zone-h.org/archive/notifier=AnonGhost
Firstly, what version of wordpress are you running?
Are you password and account names secure? or are you using an admin account named ‘Admin’ with a password like ‘Admin123’.
you should really be using passwords a lot more secure than that, such as 3W38f6563zi.
Have you hidden your WordPress version number from displaying anywhere on your site?
Have you tried doing a complete site resotre?
I’d recommend starting here:
http://codex.wordpress.org/FAQ_My_site_was_hacked
I would also seriously consider using a security / cleanup service like Sucuri.
Do a scan on there site and you’ll see your site has NO firewall, which is obviously a major security flaw.
Search Results
Sucuri will clean and repair your site back to its original state, and then set up stronger protection for you.
Good luck!
Evan
You might want to check with the Securi folks as they specialize in this..
Also it may be an issue with the server and not with WordPress – once a server is compromised, no amount of security will protect your sites on that server.
Check this website for strong password generator.
Also, that second link you posted, it looks like he targets Windows and Linux servers only.
We’ve used much more secure passwords than that and for most sites we’ve restricted access to wp-admin to our IP’s via .htaccess and we have attempted clean installs of these sites which is what tells us that the core files are infected as the problem remained. As for the version number, that’s never crossed our minds to hide, we’ve assumed that it’s only visible on the dashboard after being logged in so we thought it was no problem. And the firewall, I don’t think that we’ve even pondered such a thing for Web sites but I’m looking into that right now. Thank you, Evan.
As for infected servers, we firsted discovered it with BlueHost and subordinates of BlueHost and we just barely discovered it has infected Arvixe.
Just so you know, when a newer version of WordPress is released they publically release ALL known security issues for the previous versions.
Thats a roadmap for any potential hackers getting into your site. Once they know the version, they can pull up the security flaw list related to that version and exploit the hell out of the site.
That’s the reason it’s crucial to keep WordPress updated to the latest version.
Understood. I knew that they release information on fixes but are you saying that the issues are released in-depth or are they just made known publicly?
About the firewalls, isn’t that configured and managed by the hosting companies themselves anyway? I understand the additional security of having two firewalls but I am just curious.
Yea I believe the firewall would be set up on your hosts side. I would contact them and let them know of this security flaw.
The issues are just made publicly known, they don’t give in depth tutorials on how to exploit them.
But when someone has that information it becomes extremely easy to locate sites who have not updated and then hack them.