Title: Viscosity's Replies | WordPress.org

---

# Viscosity

  [  ](https://wordpress.org/support/users/viscosity/)

 *   [Profile](https://wordpress.org/support/users/viscosity/)
 *   [Topics Started](https://wordpress.org/support/users/viscosity/topics/)
 *   [Replies Created](https://wordpress.org/support/users/viscosity/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/viscosity/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/viscosity/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/viscosity/engagements/)
 *   [Favorites](https://wordpress.org/support/users/viscosity/favorites/)

 Search replies:

## Forum Replies Created

Viewing 15 replies - 1 through 15 (of 86 total)

1 [2](https://wordpress.org/support/users/viscosity/replies/page/2/?output_format=md)
[3](https://wordpress.org/support/users/viscosity/replies/page/3/?output_format=md)
[4](https://wordpress.org/support/users/viscosity/replies/page/4/?output_format=md)
[5](https://wordpress.org/support/users/viscosity/replies/page/5/?output_format=md)
[6](https://wordpress.org/support/users/viscosity/replies/page/6/?output_format=md)
[→](https://wordpress.org/support/users/viscosity/replies/page/2/?output_format=md)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[WP-Invoice - Web Invoice and Billing] Send message not working](https://wordpress.org/support/topic/send-message-not-working/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/send-message-not-working/#post-3251233)
 * Did you check the mail server setup because at time it is the mail server that
   block it detecting it as spam.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[GD Star Rating] become slow my website by GD Star Rating](https://wordpress.org/support/topic/become-slow-my-website-by-gd-star-rating/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/become-slow-my-website-by-gd-star-rating/#post-3248798)
 * Share hosting mean your web hosting is using a single web hasting server serving
   hundred or thousand customer on the same server.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[GD Star Rating] become slow my website by GD Star Rating](https://wordpress.org/support/topic/become-slow-my-website-by-gd-star-rating/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/become-slow-my-website-by-gd-star-rating/#post-3248714)
 * Are you on a share hosting?
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Clean up of one hacked site](https://wordpress.org/support/topic/clean-up-of-one-hacked-site/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/clean-up-of-one-hacked-site/#post-3227587)
 * There are several things in which you have to look into.
 * For application, fresh clean up and re installed help to clear up those mess.
   Re-installed and update all your required plugins,then do a full backup. Used
   security plugins like bulletproof security, wordfence, [Timthumb Vulnerability Scanner](http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/),
   [Theme Authenticity Checker (TAC)](http://wordpress.org/extend/plugins/tac/),
   etc does not grant u that your sites is not hackable.
 * For network, disable all your ftp and ssh when you are not using it connected
   to your panel.Use strong password with a minimum 15 characters length contain,
   upper & lower letter, number and including special character to prevent any dictionary
   attack on your password.
 * `The attack appears to have been an SQL-injection.`
    What make you so sure it
   is SQL attack? If so, then your gonna look into your SQL updates and version 
   used.
 * [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
   
   It did mention clearly the steps to take to harden your wordpress.
 * External Service
    [Cloudflare](http://www.cloudflare.com/) * [Incapsula ](http://www.incapsula.com/)
   help to reduce your chance getting hack even though your are using their free
   service.
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Clean up of one hacked site](https://wordpress.org/support/topic/clean-up-of-one-hacked-site/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/clean-up-of-one-hacked-site/#post-3227578)
 * To clean up is uninstall and install back all the wordpress in order to perform
   a clean wipe out in which may contain backdoor left behind.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Networks for WordPress] Dns and server configuration](https://wordpress.org/support/topic/dns-and-server-configuration/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/dns-and-server-configuration/#post-3230492)
 * I think the easy way out if through your webhoster cpanel which there is a setting
   for it.
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Questionable 404's ?](https://wordpress.org/support/topic/questionable-404s/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/questionable-404s/#post-3229159)
 *     ```
       I've noticed a recent IP address with unusual 404's and wondered if anyone could give me their opinion, and suggestions for solutions if warranted.
   
       404 examples:
   
       404: login.php?action=quit
       404: modules.php?app=user_reg
       404: member.php?mod=logging&action=login
       ```
   
 * You can see that they are trying to target your php code and doing an SQL injection,
   doing a redirection of your sites or exploiting your login.
 * `These are just a few, there are many from the same IP, all along the same lines,
   with various commands.`
 * Very likely they are using an automatic program scanning and trying to exploit
   your site for vulnerability.
 *   Forum: [Hacks](https://wordpress.org/support/forum/plugins-and-hacks/hacks/)
   
   In reply to: [Plugin newbie, looking for quick guidance..](https://wordpress.org/support/topic/plugin-newbie-looking-for-quick-guidance/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/plugin-newbie-looking-for-quick-guidance/#post-3229158)
 * I bet for a quick guide is where you can try your luck in utube or google in 
   which you may find some tutorial 🙂
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Theme Hacked](https://wordpress.org/support/topic/theme-hacked-2/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/theme-hacked-2/#post-3227276)
 * [@esmi](https://wordpress.org/support/users/esmi/) What the given the link is
   based on web application but network layer including the OS are not covered as
   this is a self host wordpress.
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [How many failed login attempts/lockouts do you get on a regular basis?](https://wordpress.org/support/topic/how-many-failed-login-attemptslockouts-do-you-get-on-a-regular-basis/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/how-many-failed-login-attemptslockouts-do-you-get-on-a-regular-basis/#post-3227512)
 * What the hack attempt which done on your sites is just using dictionary attack
   which is often done by script kiddies. Skill hack just need to exploit on your
   SQL injection, from there and they will dump all your usernames and passwords
   crack within their own system. Of course there are some other approach of the
   hack attempts. Currently i only got 1x fail intrusion attempt and look forward
   for more challenges 🙂
 * Perhaps you shall let me do some penetration test when i am free provided with
   your approval.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Theme Hacked](https://wordpress.org/support/topic/theme-hacked-2/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/theme-hacked-2/#post-3227197)
 * Actually there are few things you need to look into.
 * 1,Look into your control panel or error log message for those error encounter.
   
   2.Summary the error log and find out what is the attack vertor target is at php
   or other. 3. Use [Timthumb security scan](http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/)
   on your wordpress and update it as most of the theme contain outdated Timthumb
   which prone to hack. 4. Use [Theme Authenticity Checker (TAC)](http://wordpress.org/extend/plugins/tac/)
   to scan for malicious code if you are using free theme. 5. Use a firewall to 
   only allow the designated port for your blog only. 6. Use a IDS/IPS to protect
   your system from being rooted.
 * ……………..
 * There are lot more and i do not wish to get into more details least you do the
   basic.
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Fraudulent WordPress Internet site warning](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/page/2/#post-3223998)
 * 50% of my site is done by my hired web designer and another 50% is done by me.
   The reason for doing so is that i am not an expert when come to web design but
   for web security and other items are fully accomplish by me.
 * You do not need to transfer your domain,aussieappshop.com.au to bluehost but 
   what you need to know is your domain dns ip address so that you can add it in
   your web hoster control panel.
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Fraudulent WordPress Internet site warning](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/page/2/#post-3223995)
 * Of course i understand how you feel but stay cooled with a clear mind. Overheated
   rage will not get you anyway 🙂
 *   Forum: [Your WordPress](https://wordpress.org/support/forum/your-wordpress/)
   
   In reply to: [My Site](https://wordpress.org/support/topic/my-site-45/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/my-site-45/#post-3225834)
 * Nice. Clean and simple
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [Fraudulent WordPress Internet site warning](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/)
 *  [Viscosity](https://wordpress.org/support/users/viscosity/)
 * (@viscosity)
 * [13 years, 5 months ago](https://wordpress.org/support/topic/fraudulent-wordpress-internet-site-warning/page/2/#post-3223991)
 * Shaza777 , Pardon me i just don’t understand why you don’t hint my advise? It
   is not worthwhile to fight over a general domain as you have understood the value
   of it. Anyway, it’s your choice.
 * If you are refering to wordpress.com or .org then i will advise you stay out 
   of it as we are not the owner of that domain.

Viewing 15 replies - 1 through 15 (of 86 total)

1 [2](https://wordpress.org/support/users/viscosity/replies/page/2/?output_format=md)
[3](https://wordpress.org/support/users/viscosity/replies/page/3/?output_format=md)
[4](https://wordpress.org/support/users/viscosity/replies/page/4/?output_format=md)
[5](https://wordpress.org/support/users/viscosity/replies/page/5/?output_format=md)
[6](https://wordpress.org/support/users/viscosity/replies/page/6/?output_format=md)
[→](https://wordpress.org/support/users/viscosity/replies/page/2/?output_format=md)