[resolved] Best way to avoid hackers (4 posts)

  1. kjetilgf
    Posted 6 years ago #

    What's the best way to protect a site against hackers?
    Someone's used some back doors to place exploit code - and for a while also virus on our site.
    I've already removed phpmyadmin and all wp files (themes etc) not in use, places empty index.html files in the plugins' folder - and trying out the AskApache password protect plugin (but this also causes some problems)
    Anyone with some great advice?
    Would be grateful
    PS I could upgrade to WP271 but this will break some plugins

  2. What's the best way to protect a site against hackers?

    Try http://codex.wordpress.org/Hardening_WordPress

    And keep WordPress, your themes and plugins up to date. If you check regularly then you improve your chances to catching the "UPGRADE NOW OR ELSE!" messages.

    PS I could upgrade to WP271 but this will break some plugins

    PS There ought to be a law... I am not aware (and have not really checked, truth be told) of any 2.6.5 exploits but keeping up with the current released version tends to be the safest way to go.

  3. kjetilgf
    Posted 6 years ago #

    Thanks a lot for your swift reply.
    Lots of interesting reading here. I've done some of it already, but no I know I won't have to spend the nicest day so far this summer outdoor...

    The worst consequences so far is that malicious code somewhere in the site has triggered a bloodhound exploit (as described here) - and that (I guess) this as triggered a warning from Google which they probably won't fix for several weeks. In other words: Both we and users with security settings in Explorer and Safari set to High, will get a Harmful site warning which no one knows if is true.
    (By the way, one of the damaged WP files was the default theme's image.php - in WP262.)

    Thanks again,

    PS Of course I'm also searching for replacements for plugins to move on to WP 2.7 - but soon we'll have WP 2.8. Even some of the "hardening" recommendations are outdated. Its a continuous race :-/

  4. kjetilgf
    Posted 6 years ago #

    Problem solved - I hope (and strongly believe)
    - I closed down the site with a simple "site's down" index.html file on root (to avoid malware problems for visitors)
    - Shut out all .com visitors temporarily using WP Ban, since the attack came from/via the US.
    - removed all files not in use on the server, including themes, plugins and even a phpMyAdmin installation
    - upgraded from WP 2.6.2 to 2.6.5. No plugins failed (which would be the case with the newest WP, 2.7.1)
    - Installed AskApache Password Protect (great tip from jdembowski above - in Hardening WordPress) to make a protective shield around the site.
    - Scanned site using WP Exploit scanner and the freeware antivirus and link-checker software AVG. Even avg found things the plugins didn't discover. Eg Symantec didn't find anything on a downloaded copy of the site.
    Using antivirus software was far from obvious. As a Mac user this is just not a common problem.
    - After finding a hack in one plugin I replaced most of them with fresh copies. (We're talking about a site with three WP installs, just one was hacked.)
    - Placed an empty index.html file in the plugins folder (to avoid robots from entering)
    - Removed the .com ban
    - Asked visitors to report eventual problems
    Think that was all.
    It's just amazing how much time one can waste because some silly jerk manages to enter your site.
    I hope procedure can help others. Feel free to add other tips!

Topic Closed

This topic has been closed to new replies.

About this Topic