I'm relatively new using wordpress and I'm impress with this piece of software can do for you. However, 3 days after I uploaded and setup my first webpress site, I've been hacked every 2 to 3 days. I have done everything I can think of to get it fixed, but without success. It is a injection type of attack. I'm about to throw the towel, but want to give it a last chance by coming to you, experts!
So this is what I have done:
- DB_name, DB_user, DB_password, DB_host with its correct information, using MySQL from 1and1.com
- All four authentication unique keys are random.
- table_prefix is a random with numbers & text.
2. login has been changed from ADMIN to something else
3. password is long and complicated
4. All themes and gadgets I've been using are from webpress website, so they should be code-hacked-free.
5. Security gadgets I've used are wp Firewall & wp scan.
6. robots.txt to be disallow
So the wpScanner tells me that everything looks fine and good.
What am I missing?
Why do I keep getting hacked?
Please tell me what else I can do to try to get it running without having to transfer everything back to the ftp every day.
Thanks in Advanced.