Forums

WordPress › Support » How-To and Troubleshooting

Site Hacked Twice in the last 14 days - Advice Needed (6 posts)

  1. MagicStick
    Member
    Posted 7 months ago #

    Hello.

    In the last two weeks I've had to restore my site from a backup twice. First time appeared to be something to do with a phpspy injection hack. My wp-config details were changed and several emails were sent out using a php script which was added to my server.

    I did all the usual stuff. Changed passwords etc and added 'website defender' plugin to my site and followed the advice from there.

    It appears it has happened again today. I have a file on my server called byroe.php and my site will no longer load.

    I'm currently in the process of restoring from a backup but can you guys give me some advice on how to prevent this from happening again?

    Thanks so much.

  2. Tim S
    Member
    Posted 7 months ago #

    Depending on the nature of the hack, determines your course of action.

    You should make sure all the software is up to date, including WordPress and any plugins you may be using. Patches and sofwtare updates are released generally to fix security flaws found in the software.

    Also, you should run a malware and virus scan of your local computer to be sure you do not have anything there. If someone has access to your local machine, no matter how strong your passwords are, they can gain access via a keystroke logger.

    You'll need to change ALL your passwords to a non-dictionary alpha-numeric passwords. It's important to change your passwords regularly and do not set them to the same thing.

  3. MagicStick
    Member
    Posted 7 months ago #

    Thanks TIm. I'm running on a mac so not sure if I still need to do the virus scan. I also use 1Password, which required no keystokes?

    Is there any recommended malware remover for macs?

  4. Tim S
    Member
    Posted 7 months ago #

    whether you are on a Mac or not, running a virus scan is imperative. While viruses for macs aren't nearly as common they are still out there. Mac releases updates for security Apple Security

    I'm not too familiar with apple products, so I can't say I'd be much of a help with that. I can tell you, make sure your passwords to WordPress are strong.

  5. MagicStick
    Member
    Posted 7 months ago #

    Thanks mate. Yeah. I just updated my passwords to wordpress to something very strong. I'll look into virus/malware removal on mac. At first glance I found this which is available on the mac store for free:

    http://www.clamxav.com/

  6. Tim S
    Member
    Posted 7 months ago #

    I work for a large hosting company and some of our customers use the linux version of clamav.

    I personally have never used it, I use a configserver firewall with brute force detection on my own server, but I'm running linux.

Reply

You must log in to post.

About this Topic

Tags