Hacked, Cleaned but something is still amiss
-
Our website was compromised earlier this year. We never really found what the security gap was but the goal seemed to be using our mailserver to send spam Emails. After using wordfence to clean things up and changing all passwords things got back to normal – almost. Our -rather simple- website takes about 26 seconds to load. According to popular website analyzers there is a solid 16 secs of wait before server starts sending data. We spoke with our hosting service and they said our website was trying to contact a specific IP address and that could be the cause of the delay.
They quoted:connect(7, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr(“**.***.***.**”)}, 16) = -1 EINPROGRESS (Operation now in progress)
The IP address seems to be somewhere in Russia and does not resolve to a specific website -although several dodgy ones have used it in the past.
Since that, we reinstalled every plugin, installed Sucuri Security and run additional scans but problem still persists.
Any advice on how to proceed? Website address: atmors.gr
- The topic ‘Hacked, Cleaned but something is still amiss’ is closed to new replies.