• I noticed that when I login to admin on my wp site I cant see my site name, insted I see this:

    [+ADw-/title+AD4-Hacked By Mister Spy +ACYAJg Souheyel.+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-]

    Shield did not recognize this.
    any suggestions?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Paul

    (@paultgoodchild)

    There are many, many ways that a site can be hacked and Shield can only mitigate a subset of these.

    You will need to find a specialist in the area of repair of hacked site, or work with your webhost to isolate the cause and clean the site. Make sure all your plugins, theme, and WordPress is up-to-date.

    Thread Starter malkah

    (@malkah)

    I had to revert my site to an earlier backup.
    but I really need to know how this is possible and how to prevent this.

    if anyone can help, please do.

    thanks

    How is this possible:

    a) Virus on your local machine
    b) Passwords compromised
    c) Neighbouring sites infected on shared hosting
    d) Vulnerable plugins/themes
    e) Outdated plugins/themes/WordPress core
    f) Something else

    How to prevent this:

    a) Scan local machine: https://www.eset.com/us/online-scanner/
    b) Change WordPress login/cPanel/FTP/database passwords to unique and 15+ character ones. Use a password manager such as KeyPass to generate and store so you don’t need to remember.
    c) Contact host. If they sound disinterested then it may be worth moving to a more proactive host with stronger monitoring of the activity on their servers
    d) Audit your plugins/themes. Delete any untrusted/third party unless from a well-respected source.
    e) Update everything. Delete any plugins/themes not in use.
    f) Follow the guidance for Hardening WordPress from the codex.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Website hacked, please assist’ is closed to new replies.