Title: Hacker?
Last modified: August 30, 2016

---

# Hacker?

 *  Resolved [andreaag](https://wordpress.org/support/users/andreaag/)
 * (@andreaag)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/)
 * Someone has been trying to login in to my website for a week now. I changed the
   login page url and enabled 404 error. In the log attempts, it shows someone is
   got a 404 error page while trying to go to [http://www.blablabla.com/license.php](http://www.blablabla.com/license.php).
 * Function Priority Time Host User URL
    404 Error 3 2015-11-10 11:53:35 82.208.100.45/
   license.php

Viewing 10 replies - 1 through 10 (of 10 total)

 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735972)
 * Probably, there’s always a hacker trying to get into your site
 *  Thread Starter [andreaag](https://wordpress.org/support/users/andreaag/)
 * (@andreaag)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735973)
 * I have no idea what license.php is, so is this a hack?
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735974)
 * Does this file exist in your root directory?
 *  [kmessinger](https://wordpress.org/support/users/kmessinger/)
 * (@kmessinger)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735975)
 * Sucuri shows you blacklisted.
    [https://sitecheck.sucuri.net/results/513.c62.myftpupload.com/](https://sitecheck.sucuri.net/results/513.c62.myftpupload.com/)
 *  Thread Starter [andreaag](https://wordpress.org/support/users/andreaag/)
 * (@andreaag)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735978)
 * i only find license.txt. I had already changed my login page url, but somehow
   still managed to find my login page and tried signing in.
 *  [Andrew Nevins](https://wordpress.org/support/users/anevins/)
 * (@anevins)
 * WCLDN 2018 Contributor | Volunteer support
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735988)
 * It’s a dumb robot that is stabbing in the dark
 *  Thread Starter [andreaag](https://wordpress.org/support/users/andreaag/)
 * (@andreaag)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6735989)
 * [@kmessinger](https://wordpress.org/support/users/kmessinger/) that domain is
   not the main domain for the website. Does it make a difference? I checked the
   main domain and according to sucuri, the main domain is not blacklisted.
 *  [kmessinger](https://wordpress.org/support/users/kmessinger/)
 * (@kmessinger)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6736012)
 * The site I checked was the one on your profile.
 *  [Lisa](https://wordpress.org/support/users/lisafoxnet/)
 * (@lisafoxnet)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6736018)
 * Hi-
 * Do you have any security plugins installed and enabled? I personally like WordFence.
 * Here’s how I would go about cleaning up:
 * -Make sure you change your password to something really strong (uppercase/lowercase/
   number/character)
 * -Make a backup of your wp-content/themes/ folder
 * -Write down the plugins you have activated
 * -Download a fresh copy of the latest version of WP
 * -Using FTP, log into your server and delete all the WP core files and re-upload
   the fresh copies (including downloading all new plugin files and reuploading)
 * -Take a look at your home directory and make sure there are no “odd” files (you
   can compare what’s in the WP download folders with the folders on your server—
   if you find any discrepancies, proceed cautiously before deleting)
 * -Get new Salt keys (good article here: [http://www.wpbeginner.com/beginners-guide/what-why-and-hows-of-wordpress-security-keys/](http://www.wpbeginner.com/beginners-guide/what-why-and-hows-of-wordpress-security-keys/))
 * That’s just a starting point. Depending on your level of technical skill, there
   are more advanced things you can do. But doing the above is a bare minimum.
 *  Thread Starter [andreaag](https://wordpress.org/support/users/andreaag/)
 * (@andreaag)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6736026)
 * [@kmessinger](https://wordpress.org/support/users/kmessinger/)
    Both domains 
   are directed to one IP address. I don’t understand how one would be blacklisted
   and the other one wouldn’t be.
 * [@lisafoxnet](https://wordpress.org/support/users/lisafoxnet/)
    Thank you very
   much that was very helpful. I had already did a few things on that list. I will
   continue to complete the rest.

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘Hacker?’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 10 replies
 * 4 participants
 * Last reply from: [andreaag](https://wordpress.org/support/users/andreaag/)
 * Last activity: [10 years, 6 months ago](https://wordpress.org/support/topic/hacker-3/#post-6736026)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics