WordPress.org

Ready to get started?Download WordPress

Forums

my wordpress sites keep getting hacked (3 posts)

  1. joeysaviour
    Member
    Posted 1 year ago #

    Hi there,

    I have multiple wordpress sites stored on my server and they keep getting hacked (about 7 times in the space of about 3 weeks).

    I keep replacing the malicious files that the hosting company tells me about by downloading them, deleting the malicious code and then re-uploading the files and all is fine.... then they get hacked again.

    By 'hacked' I mean that they are forwarding to apparent malware sites.

    I have all the latest wordpress software installed on each so it's not that that is causing the problem, and I have changed my FTP passwords multiple times during the attacks and the passwords for the wp-admin on each site, so that's not the problem either.

    Any ideas how I can prevent this from continuing to happen?

    Here are links to the sites in question if it helps:

    http://www.12treestudios.com
    http://www.dubpistolsmusic.co.uk
    http://www.panufnik.com
    http://www.thebugbar.co.uk
    http://www.myminidisco.co.uk
    http://www.nikejemiyo.co.uk
    http://www.uptownswing.co.uk
    http://www.fingerlickinmanagement.co.uk
    http://wwww.fingerlickin.co.uk
    http://www.ddarchitects.co.uk

  2. esmi
    Forum Moderator
    Posted 1 year ago #

  3. I keep replacing the malicious files that the hosting company tells me about by downloading them, deleting the malicious code and then re-uploading the files and all is fine.... then they get hacked again.

    That's never enough and you're just playin whack-a-mole that way. You've not successfully deloused your installations. Give these a good read, they may help you close the door that the attackers are coming in via.

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.studiopress.com/tips/wordpress-site-security.htm

    Good luck.

Topic Closed

This topic has been closed to new replies.

About this Topic