Stratosphere
Forum Replies Created
-
That plugin hasn’t been updated in over a year. I wouldn’t use plugins that are not updated frequently as WordPress updates. Check out their “Last Update Date”.
Yes they can re-route their IP’s to your country, as they are trying to do to me now for attempted hacks directed to wp-login or xmlrpc.php. They also hit old pages I removed after the last hack attack – which no longer exist. This tells me they are a hacker bot.
I also have links directed to my site from pornographic websites, really filthy stuff, traced to China. I remove them in Options: to block URL’s in Wordfence, and there is a ton of them.
The xmlrpc.php is a favourite hacking entry to wp files. If you don’t need it, what I did was:
enter the URL to blocked URLs in Wordfence Options. You can block access to any url there
but don’t block yourself out “IF YOU USE IT”.ie) http://mysite.com/xmlrpc.php ( don’t forget to save your changes at the bottom)
I see the attempts on my Apache logs, but they are denied access, so I figure that security hole is blocked.
Or, you can just disable it in .htaccess
XML-RPC is for mobile app developers to talk to your wordpress site. I never had the need to use it in 8 years.
More on that here:https://www.wordfence.com/blog/2015/10/should-you-disable-xml-rpc-on-wordpress/
I figure to cut out any holes in my site so they can’t get in, sometimes it makes it inconvenient, but I’d rather be safe than sorry.
That Cox Communications reference caught my eye as I have had attempts of hacking from that hosting company. What I did was:
Go to: www. who hosts this site. com where you can look up any organization and find their hosting company. Enter in their address: http://that site.com
Wordfence gives you lots of detail on who originated the attempt.Then block that IP of the hosting company. it works. Some of these hackers are using the same hosting spam networks.
Go to your Options in Wordfence and you’ll see Block IP, I use that to block all hackers.
Just a tip.Hi: I just got this after a scan:
I am running new Wordfence Updated Version 6.2.9 updated yesterday
and WordPress 4.7 latest versionOne highlighted in red, was from China IP address bot and was deleted.
I cleaned all the WordFence Files and deleted them – over 100 of them.
I then did another scan with Anti-Malware plugin, it 13 other suspicious files and one of them was the above one. Have I been hacked again?
I had to delete an older theme, cleaned with Wordfence, thought it was enough, installed a new version of the theme and now maybe I got hit again?Could be your server has a time limit on Scans.
Check with your hosting company, on why your plugin is being halted, it should be allowed to run as a cron job, by your for your own protection. Just a guess but that’s what it could be.I’ve had one attempt at someone trying to login from wp-admin, from India.
In your Options: enter your own IP address and login name only to be WhiteListed or Allowed.Also, I blocked any access to: MYsite.com/wp-includes/load.php
it seems to be working to deter attempts at trying to login.Also: in Settings: put the name: admin down as a banned name,
While allowing your own name to be used, so you don’t lock yourself out.These are all in your settings, and they work fine for me.
If you have questions, press the little BLUE BUTTON and it will be explained to you.Also: I block any URL that is not on my site, since these are links from pornographic sites.
Yes, its getting worse out there, today I found about 10 from Europe and consistently they are trying to hack into wordpress files.
I wish WordPress would give us the option to hide those files from any bots or anyone, make them totally inaccessible to even Google’s bots.I am just a user on the free version so far its been working well.
Hello Wfalaa: I reviewed the article you mentioned and found the same info from Google’s Webmaster Tools, there are “No Advertisements” on the site, none. No ads.
So, I thought the redirect was the problem which is a wordpress redirect. I checked everywhere and no where did I find the site URL to be violating any rules. I am still stumped as to what they mean by “social engineering” because we don’t do any! Very frustrating as the author of that article points out to get any details from Google. But thank you for your response.