hacked, I think. Registration question (5 posts)

  1. rocker65
    Posted 2 years ago #

    G'day all.

    Right off the top, I want to say that I can't find a security section in this forum, so my apologies if this is the wrong section.

    I"m fairly new to WP, and like it a lot, except that I hear sites are being hacked frequently, and as the subject says, I've been hacked as well. I run an assortment of plugins to scan and help prevent this sort of thing. Someone from an IP in Amsterdam managed to somehow create an account? Just a publishing account, but still they created an account. How is this possible? So far I haven't found any damage or even any hidden code. I've removed all uneeded plugins and the default themes.

    My web logs shows the prick logging in somehow after some kind of hack, updating his profile and then logging out. I can add the web log entries if that helps.

    What is the best plan for dealing with these cretins? I have disabled registration, so that *may* help.

    Any pointers would be great.


  2. rocker65
    Posted 2 years ago #

    Sorry, I wasn't %100 clear on what I've done. I didn't know about the second link, but do know the first FAQ. I will read the locking-down* pdf and see what they have to offer.


  3. I think that you're right disabling the registration will help.

    Another thing to consider as well is hiring folks like sucuri.net.
    They are very good at monitoring all types of Hacks, not just WordPress.

    Of course, it's also important to consider which hosting provider you use. Some of the cheap ones are cheap for a reason. ;)

  4. rocker65
    Posted 2 years ago #

    I use A2hosting.com, I don't know if they are cheap compared to others. But versions are mostly up to date, php, phpadmin, and the full LAMP stack.

    I wish I had more time to learn WP, but I'm tight for time and may have to get ahold of the folks at sucuri.net.


    PS. Yodi?

    Love it.

Topic Closed

This topic has been closed to new replies.

About this Topic