WordPress.org

Wordfence Security
site hacked despite wordfence security (10 posts)

  1. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi Mark,

    I left on wordfence site a comment about my site being hacked.

    Before dawn on Valentine's day mydoctortells.com was showing:

    "Hacked by RSDD3V1L
    there is no perfect system
    This is an operation to reject Valentine's Day
    _ _ _
    _ _ _
    We are Muslims. Soldier off Allah

    _ _ _
    _ _ _"

    Will you be interested in seeing the log files?
    What are the things you would like me to provide so that we know how this happened and what precaution is required?

    I had all updated plugins and themes. (I am using child theme).

    This is the second hack on my site. I am using shared server. The host said other sites were not affected.

    I followed the instructions as given in codex and on wordfence site.

    Waiting for your reply,
    Regards,
    Dr. Ashok Koparday

    http://wordpress.org/extend/plugins/wordfence/

  2. RonDsy
    Blocked
    Posted 1 year ago #

    Hi Dr Koparday,

    Wordfence obviously is not a cure-all for protecting your WP site. I suggest you rename your wp-content folder, increase the password length and not use Admin for the admin name.

  3. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi RonDsy,

    I appreciate your reply.

    Is it okay to rename 'wp-content' folder as something like 'my-box'? I don't know so I am asking.

    Yes, I shall always take care of password characters.

    You are right about the 'admin' thing. I get daily about 30 attempts (perhaps more) of attempted login with 'admin'. I would never have been aware of this had I not had Wordfence. I have activated the auto block function for 'admin' attempted login. I will check if it works. I had to manually add each I.P. to block the 'admin' logins.

    Wordfence is wonderful. The scanning is meticulous and frequent (not once in a month). I thank you for Wordfence. I have not changed over from Wordfence despite the hack. I had communicated with Mark about the first hack, too. It would be really worthwhile if there is more speedy interaction on support from Wordfence. I believe we can contribute through our experience and observation to make this wonderful plugin better. The features offered are almost as a premium plugin.

    Thanks for your support.

    Best wishes,

    Dr. Ashok Koparday

  4. RonDsy
    Blocked
    Posted 1 year ago #

    Hi drashok,

    Before you can rename a WP folder you have to state the path in the wp-config.php file.

    Go to lines 3 and 4 in wp-config (root folder):

    Line #3. define( 'WP_CONTENT_DIR', dirname( __FILE__ ) . '/custom_folder' ); // filesystem path, not a URL; the custom folder replaces "wp-content"

    Line #4. define( 'WP_CONTENT_URL', 'http://mydomian.com/custom_folder' ); // the custom folder replaces "wp-content"

    Before you do this, please rename the original wp-config.php so you have it in case you must fall back to that file.

    This should help keep bots out.

    P.S. Be mindful that there are plugin coders who hard code their script to the wp-content folder which is not a good practice. They usually fix that in good time.

    A word about Wordfence: Wordfence is a great product and we use it at TalkingManuals. There are also other measures that you must take to help secure your site. See the Wordfence product review at Talking Manuals.

  5. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Hi RonDsy,

    I wish to make these changes to rename 'wp-content' folder.
    My wp-config.php file does not have both WP_CONTENT_DIR and WP_CONTENT_URL.

    wp-content appears only in two places in wp-config.php file:

    • define( 'WPCACHEHOME', '/home/ - - -path - - wp-super-cache/ (I no longer have this plugin. I believe I can remove this.)
    • wp-content/languages

    What should I do? Kindly guide me.

    Thanking you for your reply.

    Dr. Ashok Koparday

  6. RonDsy
    Blocked
    Posted 1 year ago #

    Perhaps a security plugin moved the path statement. Do this:

    1 - Rename the "wp-config.php" to "wp-config Protect" via FTP or your C-Panel

    2 - Download it to your WordPress download folder ex: C:\MyDownloads\wordpress\wp-config.php - now your working wp-config is safely stored :)

    3 - Open/Edit the downloaded wp-config.php file and copy the lines which contain your database, user fields and table index. Paste these into a file like a notepad. These will be your database and user info to connect to your database - should anything happen. Again you have secured your database connection data.

    4 - Now having your wp-config.php renamed, go to the front page: you will be presented with a WP setup screen. Use what you have saved from your notepad for the fields. Manually enter these fields. Make sure you also use the same database table index prefix. They should be the same.

    5 - Closely follow the install wizard by using what you have copied into your notepad

    example:

    define('DB_NAME', 'database_name_here');

    /** MySQL database username */
    define('DB_USER', 'username_here');

    /** MySQL database password */
    define('DB_PASSWORD', 'password_here');

    /** MySQL hostname */
    define('DB_HOST', 'localhost');

    Again, make sure the tables index are identical.

    Use your same admin user name and password when asked.

    Now your new wp-config.php file is built after the install is successful.

    If this worked out, you should see the path statements. If the install failed for any reason, just rename the newly created one to "wp-config.php failed" and rename the "wp-config.php protect" to wp-config.php

    You will be back to where you were before you started.

  7. mbrsolution
    Member
    Posted 1 year ago #

    Hi @drashok, have you checked to make sure all of your plugins are up to date?

    Kind regards

  8. RonDsy
    Blocked
    Posted 1 year ago #

    Revised:

    Add these lines to re-path to the custom wp-content folder:

    Add just after the first line after <?php

    <?php
    define( 'WP_CONTENT_DIR', dirname( __FILE__ ) . '/custom_folder' ); // filesystem path, not a URL; the custom folder replaces "wp-content"

    define( 'WP_CONTENT_URL', 'http://mydomian.com/custom_folder' );

    ---------
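
Added example, not part of any post in this thread: a small checker for the two constants discussed in posts 4 and 8. WordPress expects WP_CONTENT_DIR to be a local filesystem path and WP_CONTENT_URL to be a URL. The function name and the sample configs (using example.com) are constructed for illustration.

```python
import re

# Captures the raw second argument of define('WP_CONTENT_DIR'|'WP_CONTENT_URL', <expr>);
DEFINE_RE = re.compile(r"""define\(\s*['"](WP_CONTENT_(?:DIR|URL))['"]\s*,\s*(.+?)\s*\)\s*;""")
STRING_RE = re.compile(r"""['"]([^'"]*)['"]""")
URL_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

# Constructed sample: both constants set to a URL.
URL_AS_DIR = """<?php
define( 'WP_CONTENT_DIR', 'http://example.com/custom_folder' );
define( 'WP_CONTENT_URL', 'http://example.com/custom_folder' );
"""
# Constructed sample: DIR is a server path, URL is a URL.
CORRECTED = """<?php
define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/custom_folder' );
define( 'WP_CONTENT_URL', 'http://example.com/custom_folder' );
"""


def check_content_constants(config_text):
    """Return a list of findings about WP_CONTENT_DIR / WP_CONTENT_URL."""
    found = {}
    for line in config_text.splitlines():
        stripped = line.strip()
        if stripped.startswith(("//", "#", "*", "/*")):
            continue  # ignore commented-out defines
        m = DEFINE_RE.search(stripped)
        if m:
            found[m.group(1)] = STRING_RE.findall(m.group(2))
    findings = [f"{name}: not defined (default wp-content is used)"
                for name in ("WP_CONTENT_DIR", "WP_CONTENT_URL") if name not in found]
    dir_lits = found.get("WP_CONTENT_DIR", [])
    url_lits = found.get("WP_CONTENT_URL", [])
    if any(URL_RE.match(s) for s in dir_lits):
        findings.append("WP_CONTENT_DIR: value is a URL, expected a filesystem path")
    if url_lits and not any(URL_RE.match(s) for s in url_lits):
        findings.append("WP_CONTENT_URL: value is not a URL")
    if dir_lits and url_lits:
        # Both constants should normally end in the same folder name.
        d = dir_lits[-1].rstrip("/").rsplit("/", 1)[-1]
        u = url_lits[-1].rstrip("/").rsplit("/", 1)[-1]
        if d != u:
            findings.append(f"folder names differ: {d!r} vs {u!r}")
    return findings


if __name__ == "__main__":
    for label, text in (("URL as DIR", URL_AS_DIR), ("corrected", CORRECTED)):
        print(label, "->", check_content_constants(text) or "no findings")
```
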

  9. Dr. Ashok Koparday
    Member
    Posted 1 year ago #

    Thanks mbrsolution,
    Thanks RonDsy,

    Yes all my plugins are updated.
    I shall soon take up renaming of wp-content folder as guided by RonDsy.

    Ashok Koparday

  10. RonDsy
    Blocked
    Posted 1 year ago #

    Allow WP Better Security to create the custom wp-content folder. See review: http://talkingmanuals.com/wordpress-plugin-reviews/wp-security/ in combination with Wordfence. There exist overlapping functions in each so do not duplicate these.

Topic Closed

This topic has been closed to new replies.
