I don’t understand the purpose of the “API host” field. I already have a CNAME for my bucket and it redirects properly. It seems that the API host field entry is being appended to the CNAME, like static.example.com.auto. Any insight is appreciated.

We believe that you or your organization may have inadvertently published the affected API key in public sources or on public websites (for example, credentials mistakenly uploaded to a service such as GitHub.)

It appears that the plugin is making the Google Maps API key publicly visible on the following line inside the <head> of all pages. Is this something I should be concerned about?

<script type='text/javascript' src='https://maps.googleapis.com/maps/api/js?sensor=false&amp;ver=6.1.1&amp;key={ApiKey}&amp;callback=rgmkInitGoogleMaps' id='script-google-maps-js'></script>

The hacker was using Amazon and Google Cloud platforms to try to hack in.

I could see where he was trying from in the Wordfence Live Traffic:
Https://abc.com/wp-admin/admin.php?page=WordfenceTools

Then I was seeing these two forms of links as the Hostname:
c2-13-53-109-34.eu-north-1.compute.amazonaws.com
21.209.143.34.bc.googleusercontent.com

So I reported him at:
https://aws.amazon.com/premiumsupport/knowledge-center/report-aws-abuse/ (or [email protected])
and
https://support.google.com/code/contact/cloud_platform_report?hl=en

I sent in the logs, and reported him to a few other hosting companies that were legitimate.

Them BAM! About 3 days later he quit. They cancelled him. I think he lost a lot of material that was in his account when they cancelled him, and he needed to be able to use the AWS and Google platforms to do his legitimate work – so he voluntarily quit.

Here are some tips if you have to report someone:

Click on “Run Whois” to get the email address to report to.

Source port(s) & protocol(s) – This is the IP where the hacker is attacking from. For example:
ec2-15-207-181-92.ap-south-1.compute.amazonaws.com — has the IP address of —
15.207.181.92

Destination IP(s) – This is the IP address of your website.

Destination port(s) and protocol(s) – For me, this was the links he was trying to hack in through, such as:
https://abc.com/wp-login.php?redirect_to=https%3A%2F%2Fsystembustersparadise.com%2Fwp-admin%2F
https://abc.com/wp-login.php

Thanks again WF!

Hope you’re all well.
I installed the WordPress Bitnami on a gooogle VM.
I have my website going nicely on GCP. Everything is working fine and i’m able to edit it though the wordpress interface. All good there.

I need to verify my ownership of the domain though, so I’m choosing to do it by adding a html tag as follows (from given instructions)

<head>
<meta name=”google-site-verification” content=”XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”/>
<title> Mi título </title>
</head>
<body>
contenido de la página
</body>

The problem is that I’ve no idea where to find the file in which I have to add the line to. Normally it’s the index.html file but I read that this WordPress by Bitnami instance doesn’t work with an html file to store the webite. I might be wrong though.

I’d appreciate some help!
Thanks!

This morning I just installed this plugin to change my website database table prefix. But the problem is when I finished changing and clicked ‘save’, my website suddenly collapse…It’s all gone. I couldn’t connect it. What do I do now..?