Question about potential hacks | WordPress.org

CCM_WordPress
(@ccm_wordpress)

8 years, 9 months ago

I have a website which is hosted by a third party provider, I have access to the WordPress admin panel and need to request FTP details from my third party.

On several occasions I have received alerts from Webmaster Tools to say the site has been compromised. When this happens and I log in to the WP admin panel I can see now additional pages or posts.

When I log in through through the FTP I see new folders have appeared in the root directory named something like “hknofjd”. My question is, could these folders have been created by a hack through the WordPress admin panel or one of the plugins or is this a “server” hack?

Viewing 1 replies (of 1 total)

leejosepho
(@leejosepho)

8 years, 9 months ago

I think what you are experiencing is an injection at server level because out-of-the-box WordPress needs to be “hardened”:
https://www.google.com/search?q=hardening+wordpress

BulletProof Security is my personal recommendation for dealing with that, and you might also consider NinjaFirewall for stopping certain malicious traffic before it ever even reaches WordPress.

https://wordpress.org/plugins/search.php?q=bulletproof
https://wordpress.org/plugins/search.php?type=term&q=ninja+firewall

Viewing 1 replies (of 1 total)

The topic ‘Question about potential hacks’ is closed to new replies.

In: Fixing WordPress
1 reply
2 participants
Last reply from: leejosepho
Last activity: 8 years, 9 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics