neverpaintagain
Member
Posted 3 months ago #
Hi, my site has been hacked twice in the space of a month and I need urgent help if anyone can suggest anything, or a better security plugin.
We have found rogue code and deleted it in the CMS (Theme Editor), but I suspect it is elsewhere. Site scans reveal the site is clean, but I know it's not. We have locked FTP and changed all passwords, but it still seems to get in. I can't afford to have our site hacked again. Can someone suggest a good security plugin for WordPress?
The problem with any security plugin recommendation is that it relies on WordPress to be intact and not compromised. Sadly, you're past that point.
You've a lot of work and reading ahead of you. You have already made a great start with password changes. If you haven't already, give these a read.
Backup everything and put that somewhere safe. This is your safety net.
http://codex.wordpress.org/WordPress_Backups
http://codex.wordpress.org/Backing_Up_Your_Database
http://codex.wordpress.org/Restoring_Your_Database_From_Backup
Once that's safely put away, give these a read.
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/
When possible, you'll need to replace all of your files with good ones from the source. Once you've reached the Happy Place™, consider doing this.
http://codex.wordpress.org/Hardening_WordPress
It will make automated updates a manual thing (locking down the file system), but until you're confident the site is secure that's probably not a bad thing. When you're convinced it's all good, then you can relax the file system restrictions back to normal.
Good luck.
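Before replacing files with good ones from the source, it helps to list exactly what differs from a clean copy. The following is an added example, not part of the original reply: it assumes a fresh copy of the same WordPress version, theme and plugins has been unpacked into a hypothetical `clean_root` directory, and the function names and demo files are made up for illustration.

```python
import hashlib
import os
import tempfile

def hash_tree(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def compare_to_clean(live_root, clean_root, expected=("wp-config.php",)):
    """Return (modified, unexpected, missing) relative paths, live vs clean copy."""
    live, clean = hash_tree(live_root), hash_tree(clean_root)
    modified = sorted(p for p in live if p in clean and live[p] != clean[p])
    missing = sorted(p for p in clean if p not in live)
    unexpected = []
    # 'expected' lists site-specific files that a clean download does not ship.
    for p in sorted(set(live) - set(clean) - set(expected)):
        # Assumption: media under uploads is normal, PHP scripts there are not.
        if p.startswith("wp-content/uploads/") and not p.lower().endswith(".php"):
            continue
        unexpected.append(p)
    return modified, unexpected, missing

def build_demo(base):
    """Write two small constructed trees (sample data, not real WordPress files)."""
    clean = {"index.php": b"<?php // core",
             "wp-content/themes/t/footer.php": b"<?php // footer"}
    live = {**clean,
            "wp-config.php": b"<?php // site settings",
            "wp-content/themes/t/footer.php": b"<?php // footer, plus injected line",
            "wp-content/uploads/2012/photo.jpg": b"constructed image bytes",
            "wp-content/uploads/2012/cache.php": b"<?php // unknown script"}
    for root, tree in (("clean", clean), ("live", live)):
        for rel, data in tree.items():
            path = os.path.join(base, root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
    return os.path.join(base, "live"), os.path.join(base, "clean")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(compare_to_clean(*build_demo(tmp)))
```

Run it against a downloaded copy of the site rather than the live server, and treat every path it reports as something to inspect by hand before restoring the clean version.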
neverpaintagain
Member
Posted 3 months ago #
Thanks ever so much for the help and advice. We have located the source of the infection and are taking several steps to remedy it. Thanks again.
Glad to help! Can you mark this as resolved?
It'll help future generations searching for this issue and more importantly, I'll be closer to getting another free soup in the WordPress cafeteria. Just a few more punches on my lunch ticket...