Support » How-To and Troubleshooting » Site compromised?

Site compromised?

  • A visitor to my site mentioned that the first page had several lines of random text with links to various spam-type URLs at the top of my page. Everything looked okay when I visied my site later, but I found that there was a new, unknown Admin user in my Users section. Obviously, it was an unauthorizedd account, and it used my email address, but with a .co instead of .com. I deleted the account, but wonder whether there is something that I can do, like installing a particular type of plugin, to avoid this issue and similar ones. Thanks.

Viewing 1 replies (of 1 total)
  • Might be a database hack. You should obviously change your password to something more secure (nothing in the dictionary) and make sure you secure your wp-config.php and .htaccess files, for starters. CHMOD 444 should be good, but it’s not a fail safe. Also check your wp-config file to make sure there’s no strange code in there (I’ve noticed the eval hack happening a lot lately.) I’ve been searching for months now, testing different sets of security plugins, nothing seems to be a perfect fix though. Wordfence seems good, still not sure about it enough to recommend it yet though. I really like this one: http://wordpress.org/extend/plugins/duo-wordpress/ It’s really easy to set up, requires an authentication to log in, so if someone were to try to log in, I would get a message popup on my phone. When I log in, I get the phone popup and click the button to Allow me to get into the admin.

Viewing 1 replies (of 1 total)
  • The topic ‘Site compromised?’ is closed to new replies.