WordPress.org

Ready to get started?Download WordPress

Forums

Theme Hacked (5 posts)

  1. drunkenzombie
    Member
    Posted 1 year ago #

    I have a self hosted wordpress blog that seems to keep getting hacked. They keep going in and adding a bad javascript redirect in the index file of my theme no matter what theme I'm using. I've changed all the passwords, deleted any unused logins, downloaded Wordfence Security. But somehow they keep getting in and changing it. What can I do to keep it from happening?

  2. Viscosity
    Member
    Posted 1 year ago #

    Actually there are few things you need to look into.

    1,Look into your control panel or error log message for those error encounter.
    2.Summary the error log and find out what is the attack vertor target is at php or other.
    3. Use Timthumb security scan on your wordpress and update it as most of the theme contain outdated Timthumb which prone to hack.
    4. Use Theme Authenticity Checker (TAC) to scan for malicious code if you are using free theme.
    5. Use a firewall to only allow the designated port for your blog only.
    6. Use a IDS/IPS to protect your system from being rooted.

    .................

    There are lot more and i do not wish to get into more details least you do the basic.

  3. esmi
    Forum Moderator
    Posted 1 year ago #

  4. Viscosity
    Member
    Posted 1 year ago #

    @esmi What the given the link is based on web application but network layer including the OS are not covered as this is a self host wordpress.

  5. esmi
    Forum Moderator
    Posted 1 year ago #

    Agreed but anything beyond the web app are really outside the scope of these forums. There are far better resources elsewhere that deal with network and OS security.

Topic Closed

This topic has been closed to new replies.

About this Topic