Plugin Author
AITpro
(@aitpro)
BPS does not automatically clean up a website that is already hacked. You can use a scanning plugin to find the obvious hacker code and files and then you will have to do the rest of the website hack cleanup manually since scanners are not capable of finding hidden backdoor hacker files or other hacker files that are not detectable by scanners.
Read this WordPress post first as a reference/starting point: http://codex.wordpress.org/FAQ_My_site_was_hacked
WordPress hack cleanup
http://forum.ait-pro.com/forums/topic/wordpress-hacked-wordpress-hack-cleanup-wordpress-hack-repair/
Sorry the question, I have your plugin running for months and we are still getting file dropped in to our website.
The plugin is not shutting down access anymore. Any thing we can do?
Plugin Author
AITpro
(@aitpro)
Then that means that the hacker’s code and files are already in your hosting account somewhere. BPS is designed to prevent that from happening, but if that has already happened then you would need to clean up the hacked website|hosting account. An analogy would be if bank robbers (hackers) are already in the bank vault (hacker files and code) then the bank vault door (BPS) is no longer a factor in the robbery (hacked website|hacked hosting account).
When you clean up your hacked hosting account|website it is important to try to find the point of entry|how the hack was done.
Example: Let’s say you have a plugin or theme installed that has an upload form in that plugin or theme and that upload form can be exploited to upload hacker files and code. BPS does not block the normal functionality of other plugins and themes otherwise BPS would break all other plugins and themes. So if the exploit|vulnerability is seen as a normal functionality in another plugin or theme then BPS will not interfere with that plugin’s or theme’s normal functionality.
The #1 point of attack|entry point is FTP. There are lots of free FTP password cracking applications available all over the Internet. These FTP passwords could be cracked in a couple of minutes: duck, 12345, cat345, dog56783. This secure FTP password would take a very, very long time to crack: r#8Un!6X*t9H4#
If you have a secure FTP password that would take 6 months to crack and you change your FTP password once a month then your FTP passwords would never get cracked. 😉
Plugin Author
AITpro
(@aitpro)
Assuming all questions have been answered – thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.
Thread Start Date: 2-17-2015
Thread Resolved/Current Date: 2-25-2015
