WordPress.org

Ready to get started?Download WordPress

Forums

Wp sites getting hacked (2 posts)

  1. tiwwa30
    Member
    Posted 1 year ago #

    Hello,

    I have a question, hope someone can help.

    I run a few websites for clients, at different hosters. Some of these websites are kept uptodate. And a few are not. I also have a reseller account with one hoster. Some of the sites at this hoster get hacked few times a week. But the ones at external parties never get hacked. The ones on the reseller hosting all get updated on a regular basis. As well as the plugins.

    Most of the functionality of these sites are done in the functions.php of the templates we build for our clients. We try to keep the amount of plugins at a minimum and all we use is eshop, yoast, better wp security.

    Like i said the websites are hacked frequently, and at those domains I have used better wp security to change the admin user id, secure the core, change database prefixes. I have also checked permissions, on files it is 644 and on folders 755. I use ssh to check this. Also have limited follow through with a robot text, used strong passwords, and limited the htacces.

    I have also asked the hoster to check the log files of the server. No one but my IP and my colleague have access or gain access on the ftp, also change ftp passwords regularly, and use strong passwords.

    The hacking generally is none destructive, but it is in almost all the folders that junk gets injected into header or index files, and on some occasions before better security use also admin used with ID 1 was corrupted, but this has stopped.

    Also the nature of the content that is injected is weird, the person doing this boasts about it on a website that keeps track of hacked wordpress websites, but the website is in an Arabic or middle eastern language with links to email, but doesn't seem to be fundamentalistic in origin.

    I tried contacting the email address, but no response as i though. None of my clients are of any harmful or nefarious nature, we make a point about that.

    So it is very annoying, and harms our clients.

    I personally love working with wordpress, and would like to continue doing so.

    What can i do? Is there a solution other then the ones i already tried? Is it an issue with my hoster?

    Hope someone can help!?

  2. kmessinger
    Volunteer Moderator
    Posted 1 year ago #

    Looks like you have done a lot. I don't know if any of these are useful.

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Additional Resources:

    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.studiopress.com/tips/wordpress-site-security.htm

    Is it an issue with my hoster?

    Most (maybe all?) hacks to WP come from other sites on the server. But we will never stop all hacking in fact security experts say it will only get worse. I don't know your audience but I try to ban entire countries -Russia, China, Japan - I run thru CloudFlare and every time I get a attempt from some country I don't care about I ban them.

Topic Closed

This topic has been closed to new replies.

About this Topic