My blog was hacked. How can I beef up security? (5 posts)

  1. pastajon
    Posted 10 years ago #

    A blog I set up was recently hacked in to. How can I beef up security to prevent this from happeing again?

    Here is the content of the hacker:

    We Are Ä°n The services of the great Turkish Nation..."
    Hacked By ÇukurOva'li


    "Türk" "iN'Ha" "G3RİLLA" "TuRkiSh.HaCkEr" "K.r.M"

    "We Are Ä°n The services of the great Turkish Nation..."

    I Am Turkish Hacker


    Bu Vatan, Yüce Türk Milleti İçin

  2. Samuel B

    Posted 10 years ago #

    It's your host's job to make your site secure unless you left install.php or upgrade.php on your server or have file permissions set too high on some of your WP files.

  3. Pizdin Dim
    Posted 10 years ago #

    Because WP is a very popular and widely known piece of software, the likely location of your admin login is also well known to anyone who's interested.

    1. If you're still using the default admin username, don't. Change it to something else.

    2. Make sure your admin password is nice and secure.

    3. Use .htaccess and .htpasswd to further protect your admin area. More info here, here and here.

    4. Make sure all your WP files are only writable by your user account, not the whole world.

  4. Webhostinguk
    Posted 10 years ago #

    You must have left some of the php files in your blog with 777 permission. Most probablly the themes were left with 777 permission as you need to keep them with that permission to modify them from admin section of your wordpress blog.

  5. manstraw
    Posted 10 years ago #

    I always feel it's important to caution people to not assume wordpress was the way the hacker got in. You could have other issues with your webhosting. And once hacked, you never know what backdoors have been left behind. The hacker may easily come back again. I recommend you either ask to be moved to a new server, or get yourself a new host.

Topic Closed

This topic has been closed to new replies.

About this Topic