How to stop hacking attempts? (6 posts)

  1. salcedomark
    Posted 3 years ago #

    Hello everyone.
    Recently, about 2 weeks ago, I logged into my wp to find a bunch of odd strings of letters and numbers all over my dashboard. I checked the site and sure enough it had been hacked, there was a giant image saying "this site has been hacked by bangladesh hackers" or something to that effect.

    I exported my posts and pages, uninstalled and reinstalled wordpress. This time I used the app Better Wp Security, it helped with banning some login attempts, however files keep getting changed and deleted, immediately after these files are changed, I get a bunch of fake "updates available" to themes and plugins, I know they are fake because the versions it asks me to upgrade to aren't the real versions available. When this happens, ALL the themes have an update available..

    I have a two part question:
    1. After these files have been changed, most recently this happened yesterday, should I uninstall wordpress and install fresh again?

    2. What else can I do to protect my site other than a plugin?

    Time Added Deleted Modified Details Memory Used
    2012-12-12, 3:51 AM 226 149 771 View Details 4.74 MB
    2012-12-11, 3:50 AM 386 242 2 View Details 3.76 MB
    2012-12-10, 12:31 AM 0 0 1 View Details N/A
    2012-12-09, 9:10 AM 59 14 3 View Details 3.13 MB
    2012-12-08, 8:11 AM 1070 0 0 View Details N/A

  2. Mark Ratledge
    Forum Moderator
    Posted 3 years ago #

    Did you completely clean your site the first time? And change all passwords and scan your own PC?

    See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.

    Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting

  3. salcedomark
    Posted 3 years ago #

    Thank you songdogtech, yes I followed the instructions on completely cleaning out the hacked wordpress. I will be reading on how to find a backdoor next, if all else fails I will have to switch hosts, I've never had this problem before with other hosts.

  4. You can also protect your WP installation via .htaccess in a variety of ways...

  5. Mark Ratledge
    Forum Moderator
    Posted 3 years ago #

    @josh, The plugin the salcedomark was using offers those .htaccess tweaks. And the .htaccess tweaks offered at that site are repeated elsewhere, ad infinitum.

    But nothing will do any good if you're on a host whose shared accounts are insecure and are the vectors into other accounts.

  6. Mr. songdogtech,

    And that is why, you my friend, are a mod ;)

    Thank you for the clarification! And yes, agreed with the hosts.

Topic Closed

This topic has been closed to new replies.

About this Topic