Help sites database hacked repeatedly

  • Starhorsepax2

    (@starhorsepax2)


    6 years, 2 months ago

    We know its the duplicator thing and removed from all sites. But they are still getting in..

    We have access to reseller account but dont know how to lock it down and keep them out on the shared server long enough to deal with the other server clients.

    Can anyone just point us in the right direction? We’ve been at war with it for over a week.

Viewing 2 replies - 1 through 2 (of 2 total)
  • wfdave

    (@wfdave)

    6 years, 2 months ago

    Hi @starhorsepax2,

    If attackers are still able to access your site, even after removing the Duplicator plugin. There might be another plugin exploit – or the attackers have installed a backdoor on your site’s machine.

    In the case of a backdoor, I would recommend a clean wipe and reinstall of everything on your site. If you have the option with your hosting provider, you’ll want to request them to format your machine, and then you can go back in and reinstall WordPress, Wordfence, and the any other plugins, as well as your site’s content.

    Dave

    Thread Starter Starhorsepax2

    (@starhorsepax2)

    6 years, 2 months ago

    🙁 The trouble is the shared hosting methinks. Other sites still have that duplicator. We’ve run wordfence scans, cpanel virus scans and found zilch. I’m trying to grab backups but it’s like trying to plug a leaky dam if they won’t crack down on those ignoring that duplicator thing after being warned!

    We have a multitude of sites on this thing and we’re trying to save them all. Sadly we don’t have recent download backups of all of them.

    • This reply was modified 6 years, 2 months ago by Starhorsepax2.
Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Help sites database hacked repeatedly’ is closed to new replies.