WordPress.org


WordPress security? (7 posts)

  1. Kevin
    Member
    Posted 2 years ago #

    Hello,

    Lately our website has been getting hacked A LOT.

    I don't really understand where I'm going wrong.

    We use the latest version of WordPress.

    All file permissions are set to 644 and all folder permissions are set to 755.

    We use the following security plugins:
    6Scan
    AntiVirus
    BulletProof Security
    Secure WordPress
    Sucuri Scanner

    They've all been configured to work correctly.

    We've changed the database prefix.

    We've replaced the default admin username & password.

    We've run antivirus scans on all of our PCs in case of a keylogger.

    And still after all this, we're still receiving base64 strings in our .php files (We did stop receiving Malware, so I guess our security has been upgraded slightly).

    Some more solid tips on increasing security would be very much appreciated!

  2. > Lately our website has been getting hacked A LOT.

    That's not good.

    > All file permissions are set to 644 and all folder permissions are set to 755.
    >
    > ...
    >
    > And still after all this, we're still receiving base64 strings in our .php files (We did stop receiving Malware, so I guess our security has been upgraded slightly).

    Give these a read. You may still be infected (you probably are) and haven't deloused your WordPress properly.

    http://sitecheck.sucuri.net/scanner/

    http://codex.wordpress.org/Hardening_WordPress

    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Good luck.

  3. rwilki
    Member
    Posted 2 years ago #

    Sounds like "they're" still in your files somewhere. Did you change the permissions, WordPress admin/password, and tables after the first time you were hacked? If so, go through all the links that Jan suggested.

  4. Kevin
    Member
    Posted 2 years ago #

    Hello,

    Thank you for your swift responses.

    Every time we got hacked I put back a backup from a few days earlier; I've never really bothered cleaning it up.

    Sucuri Scanner didn't even find the base64 codes last time, then when I went to check our theme files with the Antivirus plugin pretty much every file was infected, so I'm not really sure what I should and what I shouldn't use anymore.

    Is it possible to hack a site and place a script to activate and place base64 strings after a few days? Because every backup I've placed back into the site has been clean, and a few days later it would be infected again.

  5. rwilki
    Member
    Posted 2 years ago #

    Have you done a completely clean reinstall of the entire WordPress structure? Not just your theme, but everything? Also, there could be some files either hiding on your server or in your database. I would also use phpMyAdmin to see what's in your database. Check to see if there are any new tables too...

  6. > Every time we got hacked ... I've never really bothered cleaning it up.

    Restoring a couple day old backup just leaves you vulnerable. It's why you still get hacked; you've not closed the door on the attacker.

    Give those posts a read, they can really help you figure out what happened and what to do about it.

  7. rwilki
    Member
    Posted 2 years ago #

    Jan's right. They were probably playing with your site before you became aware of it. That's the problem. I'd start with a completely clean fresh install of WP 3.3.1 with new credentials, and take a look at your theme when you first installed it.

    If it's a free theme, I'd be very careful. If it was a purchased theme or you designed it yourself, then you might be OK but don't use anything that you've downloaded recently from the server. Hopefully, you have a local copy that is original.
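
Added example, not part of the original thread: one way to look for the leftover files and re-injected base64 code discussed above is to diff the live site against a known-clean reference copy (a fresh WordPress download plus the original theme and plugin packages) and run base64/eval heuristics over whatever differs. The directory layout, file names and patterns are constructed for illustration, and it is an assumption that the restore overwrote files without removing extras.

```python
import hashlib, os, re, tempfile

# Heuristics only; legitimate code can match, so every hit needs a human look.
SUSPICIOUS = [
    ("eval-of-decoder", re.compile(
        rb"(?:eval|assert)\s*\(\s*(?:base64_decode|gzinflate|str_rot13)\s*\(", re.I)),
    ("long-base64-literal", re.compile(rb"['\"][A-Za-z0-9+/]{200,}={0,2}['\"]")),
]

def read(path):
    with open(path, "rb") as fh:
        return fh.read()

def sha256_tree(root):
    """Map relative path -> SHA-256 for every file under root."""
    out = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            out[os.path.relpath(full, root)] = hashlib.sha256(read(full)).hexdigest()
    return out

def audit(live_root, clean_root):
    """Report files that a known-clean reference copy does not account for."""
    live, clean = sha256_tree(live_root), sha256_tree(clean_root)
    report = {"added": [], "modified": [], "flagged": {}}
    for rel in sorted(live):
        if live[rel] == clean.get(rel):
            continue  # byte-identical to the reference
        report["added" if rel not in clean else "modified"].append(rel)
        data = read(os.path.join(live_root, rel))
        hits = [label for label, rx in SUSPICIOUS if rx.search(data)]
        if hits:
            report["flagged"][rel] = hits
    return report

def demo():
    """Constructed sample: a clean reference tree and a 'restored' live tree."""
    clean, live = tempfile.mkdtemp(), tempfile.mkdtemp()
    for root in (clean, live):
        os.makedirs(os.path.join(root, "wp-content", "uploads"))
        with open(os.path.join(root, "index.php"), "w") as fh:
            fh.write("<?php require 'wp-blog-header.php';\n")
    # An overwrite-style restore leaves both behind: an extra file and a changed core file.
    with open(os.path.join(live, "wp-content", "uploads", "cache.php"), "w") as fh:
        fh.write("<?php eval(base64_decode('" + "QUJD" * 60 + "'));\n")
    with open(os.path.join(live, "index.php"), "a") as fh:
        fh.write("// changed\n")
    return audit(live, clean)
```

This covers files only; database content, which post 5 also raises, needs a separate check.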

Topic Closed

This topic has been closed to new replies.
