My Websites Hacked admin-ajax.php

  • memo240

    (@memo240)


    5 years, 8 months ago

    hello, i am using the latest version(5.5) of wordpress themes and plugins. I also have 2 custom-written add-ons.
    I tried all the protection methods I know of.
    wp-config.php and wp-admin url and admin nickchanged
    .htaccess disable xmlrpc.php and wp-config.php
    Installed Wordfence + 2FA login
    Password reset blocked
    MYSQL name and password is good.
    I got hacked
    https://prnt.sc/u13mku see photo
    wp-admin/admin-ajax.php and wp-login.php
    Can you give me another idea for wp protection?
    Hacker try this
    ?action=lostpassword (a lot of and he login my wp-admin)
    wp-admin/admin-post.php?page=wysija_campaigns&action=themes (i don’t use wysija)
    wp-login.php

    How can I close requests from outside admin-ajax.php wp-login.php wp-load.php?

    • This topic was modified 5 years, 8 months ago by memo240.
    • This topic was modified 5 years, 8 months ago by memo240.
    • This topic was modified 5 years, 8 months ago by memo240.
    • This topic was modified 5 years, 8 months ago by memo240.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator t-p

    (@t-p)

    5 years, 8 months ago

    Carefully follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Off hand, couple of names that come to mind are Sucuri and Wordfence.

    Thread Starter memo240

    (@memo240)

    5 years, 8 months ago

    I know how to back up the site, I set it up from scratch as xml. I need a solution for this, how many times I installed the site, there is the same problem

    Moderator t-p

    (@t-p)

    5 years, 8 months ago

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Off hand, couple of names that come to mind are Sucuri and Wordfence.

    Thread Starter memo240

    (@memo240)

    5 years, 8 months ago

    i use wordfence it’s not help me.

    Thread Starter memo240

    (@memo240)

    5 years, 8 months ago

    I already cleaned the viruses myself(and some webmaster), but the guy adds a virus again, where can I find this vulnerability

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘My Websites Hacked admin-ajax.php’ is closed to new replies.