WordPress website hacked again and again

  • tarabusk

    (@tarabusk)


    8 years, 3 months ago

    Hi,
    One of my WP website is being hacked and hacked again. Some files with malicious code are being added to the root directory.
    wp-conf.php
    wp-content.php
    /upload_informations
    /upload-your-informations
    I can find the term bogel ($bogel=$_GET[‘cpanel’];) on several files, it it’s ring again.
    I already reinstalled 2 times the website entirely with a clean (I assume) version one month old. Changed admin passwords, salt keys, ftp password (not Mysql however) I installed Wordfence, sucuri …

    The website is being hacked again in an hour …
    No help from my provider, they block the website ant that’s all.
    I don’t know what else to do ?? Any advices ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator bcworkz

    (@bcworkz)

    8 years, 3 months ago

    It could be your backup is not clean, hacks can sometimes be in place a long time before discovery. I’ve heard of a few hacks that sit quietly without doing anything for some time before dropping their payload. Thus their backdoor is still in place in backup files going back some time.

    When recovering from a hack it’s important to change all meaningful passwords. With a mySQL password (easily available on a hacked site) one has control over all site content, including WP users. That password would allow one to add themselves as a WP admin user.

    It’s possible your theme or one of your plugins had a security vulnerability. After restoring your site update everything to the latest version.

    In general, work through the steps in FAQ My site was hacked. Be very thorough, skipping steps (like not reseting mySQL password) leaves holes that render your other efforts inconsequential. Consider using an older backup.

    Mark Ratledge

    (@songdogtech)

    8 years, 3 months ago

    No help from my provider, they block the website ant that’s all.

    Find a better host. See Recommended WordPress Web Hosting

    Thread Starter tarabusk

    (@tarabusk)

    8 years, 2 months ago

    Thank you deeply for your help. I am still struggling, and will let you know if and how i could get rid of this nuisance.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WordPress website hacked again and again’ is closed to new replies.

Tags