Hello, I'm so frustrated as my site at http://www.ploughinn.com is repeatedly hacked, and I'm finding it so time consuming and disruptive to keep sorting it out. I'd really appreciate some advice.
I've had several WordPress sites, and never any problem before. Then around 2 months ago I built http://www.ploughinn.com and started to get hacked. After the first time I ran a deep scan on my laptop and found no problems there.
AFter the second time I found a plug in called Wordfence. I use the latest version of WordPress and update all my plugins. Sometimes I get an email from wordfence telling me someone has tried to log in more than 10 times and are blocked out. When this happens I block their range of ips using Wordfence.
Wordfence also tells me if the site is clean and has been saying it is with all the green ticks.
I don't know if they are hacking the site through wordpress or not. It is very strange. Also, why do they do it? They don't seem to be promoting anything. And why do they repeatedly attack my site? What's in it for them?
As you can tell I am most frustrated by this experience, and now, on my about 6th hack (it is happening every few days now) I'm at my wits end. This latest time I got no warning from Wordfence or anything, just happened to go to my site url and find it hacked again.
I don't even know if this is a wordpress thing. I do change my passwords every time, and even my user ID, but I don't know if they are getting in that way.
If anyone can shed any light on this, and help in anyway, I'd be very grateful!
I can restore the site after 2 or 3 hours or so by restoring a back up from my hosting provider, but what's the point if in 2 days I get hacked all over again. Please note I'm not particularly technically literate so go easy on the more gritty technical stuff. Thanks very much!