Extortion Email Asking Site Ransom

sparkleballlady
(@sparkleballlady)

9 years, 8 months ago
I received an email recently from Armada Collective asking for bitcoin ransom or they would shut down my website. The good news is I had no idea how vulnerable my website was. I’ve taken some steps to protect it. SiteLock and SSL Certification from my hosting service. Changing passwords. Clearing unused plugins. What else can I do? I’ve read the “Hardening WordPress” article but I don’t understand much of it. Simple first-line defense instructions would be much appreciated. Today is the day they promised attack.

http://www.sparkleball.com
- This topic was modified 9 years, 8 months ago by Jan Dembowski.

Viewing 9 replies - 1 through 9 (of 9 total)

Andrew Nevins
(@anevins)

WCLDN 2018 Contributor | Volunteer support

9 years, 8 months ago

Which bit specifically are you stuck with on that Codex article?

Moderator Steven Stern (sterndata)
(@sterndata)

Volunteer Forum Moderator

9 years, 8 months ago

It’s probably a phishing expedition, rather than a targeted attack. If you’ve done the hardening steps and your site is up to day, then you *should* be OK. You might just drop a note to the tech support and security folks at your host, just in case, and make a full and complete backup.

“Backupwordpress” is a good plugin for that. Be sure to download the backup. Don’t leave it on the site.
Thread Starter sparkleballlady
(@sparkleballlady)

9 years, 8 months ago
thank you, @sterndata. I googled the group. some attacks do happen. some are copycat. my site needs as much protection as I can muster since I plan to launch a new product this week.
- This reply was modified 9 years, 8 months ago by sparkleballlady.
Thread Starter sparkleballlady
(@sparkleballlady)

9 years, 8 months ago

hey @anevins,

The following things I don’t understand nor know if they’re applicable to my site:

1. SFTP vs FTP
2. File Permissions
3. Securing WP-Admin
4. Firewall for my site

Thank you!

Alex
barnez
(@pidengmor)

9 years, 8 months ago
@sparkleballlady

I received one of those a few weeks ago. The general consensus is that this is a generic message where there is nothing specific to the site under threat, or anything unique about the BitCoin account where they could tell if you’ve actually paid. My promised day of attack came and went, but then I have taken all those hardening steps so feel confident in the site’s security. It’s never a bad time to beef up your security though!
- This reply was modified 9 years, 8 months ago by barnez.
Thread Starter sparkleballlady
(@sparkleballlady)

9 years, 8 months ago

good to know, @pidengmor. thank you– my site was tres soft, so this is a blessing (maybe) in disguise. More learning.

Moderator Steven Stern (sterndata)
(@sterndata)

Volunteer Forum Moderator

9 years, 8 months ago

Backups are a good strategy. Set something up so it’s (1) automatic and (2) the backup is not stored with the site and (3) doesn’t rely on your host. In the long run (and I speak from experience), one is a greater threat to one’s website than any external threat.

Thread Starter sparkleballlady
(@sparkleballlady)

9 years, 8 months ago

Question: does it make your site much more secure to have an admin page with a more complicated address than http://www.website.com/wp-admin ?? And if so, is there a place that gives directions for this change?

Moderator Steven Stern (sterndata)
(@sterndata)

Volunteer Forum Moderator

9 years, 8 months ago

: does it make your site much more secure to have an admin page with a more complicated address

In my opinion, no. There are plugins that will hide your login pages, though.