Title: Multiple hacking attempts Last modified: August 30, 2016 --- # Multiple hacking attempts * [Romanceor](https://wordpress.org/support/users/romanceor/) * (@romanceor) * [10 years, 11 months ago](https://wordpress.org/support/topic/multiple-hacking-attempts/) * Hello, * I am running a WordPress 4.2.2 installation on a mutualized OVH hosting with the Avada theme on its last version. * Since two weeks, I have received about 10 times a mail from hoster telling me that their bot “Okillerd” detected an intrusion on my website. * Problem : Executing deleted program Commande apparente : ././crond Exécutable utilisé : /homez.625/myhost/wp-content/plugins/gravityforms/.nfs00000000017a68d80000662f * Note that the “Exécutable utilisé” line allways changes * In order to prevent the hackers to try again, OVH blocks the whole system by changing file permissions. I then have to reset a 755 via FTP. * Hide My WordPress plugin shows details for more than 350 hacking attempts. * Looking at the right timecode into my hosting logs, I found this : * 109.74.6.254 URL – [11/Jun/2015:17:38:30 +0200] “POST /wp-content/plugins/revslider/ js/dropdownchecklist/index.php HTTP/1.1” 200 20 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0” 109.74.6.254 URL – [11/Jun/ 2015:17:38:31 +0200] “POST /wp-content/plugins/fusion-core/shortcodes/class-one- fifth.php HTTP/1.1” 200 165 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0” 109.74.6.254 URL – [11/Jun/2015:17:38:31 +0200] “ POST /wp-content/plugins/gravityforms/tooltips.php HTTP/1.1” 200 75 “-” “Mozilla/ 5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0” * But I can’t understand what to do in order to stop the problem. * Could anyone help me on that ? * Thank you very much ! Viewing 2 replies - 1 through 2 (of 2 total) * [girlspeaksgeek](https://wordpress.org/support/users/girlspeaksgeek/) * (@girlspeaksgeek) * [10 years, 11 months ago](https://wordpress.org/support/topic/multiple-hacking-attempts/#post-6222221) * do you have a plugin for security? try wordfence they have a ton of options for how to deal with brute force attacks as well as other security threats. * Thread Starter [Romanceor](https://wordpress.org/support/users/romanceor/) * (@romanceor) * [10 years, 11 months ago](https://wordpress.org/support/topic/multiple-hacking-attempts/#post-6222224) * Hello, As I told I allready have HMWP that logs the hacking attempts, but doesn’t seem to stop them… But I would like to understand what’s happening before to install new plugins and going into “tons of options”. Thank you. Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Multiple hacking attempts’ is closed to new replies. ## Tags * [hacking](https://wordpress.org/support/topic-tag/hacking/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 2 replies * 2 participants * Last reply from: [Romanceor](https://wordpress.org/support/users/romanceor/) * Last activity: [10 years, 11 months ago](https://wordpress.org/support/topic/multiple-hacking-attempts/#post-6222224) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics