Hacked constantly

  • RobNYC

    (@robnyc)


    10 years ago

    I am constantly being hacked. Whoever is getting in does the same thing time and time again. they are editing the theme files home.php and header.php to incude redirects to malware sites. I have installed bullet proof security, to no avail, and additionally changed permissions on these files to 400 read only. Any suggestions?

Viewing 6 replies - 1 through 6 (of 6 total)
  • wslade

    (@wslade)

    Have you spent any time looking at your server logs? Studying the logs is sometimes tedious work but in your case it could provide you with the answers you need.

    I prefer to look at the raw logs versus any of the stats packages like AWStats. Either they have a backdoor or they are gaining access through a compromised password. The method of entry just might be clearly shown in the stats.

    It only takes one missed piece of bad code to allow the hacker back in. It’s very difficult to known when or if you find every bit of malware.

    Post back after you have a look at the server logs. Good luck.

    mbova

    (@mbova3)

    One method I’ve had success with is the following:

    1. Migrate website to a new host (I like duplicator plugin for this)

    2. Install and run Wordfence

    3. Change all passwords (hosting, wp-admin, etc)

    At this point, I had a clean site again and I migrated it back to the original host.

    Who are you hosting with? Another example: I had luck with Godaddy cleaning the site up quickly and easily by activating their SiteLock feature.

    wslade

    (@wslade)

    @michael Bova – can you explain what the migration process does for removing malware? It seems to me that when you migrate a hacked site, you will have a hacked site on a new host. Why not just stay where you are and run Wordfence?

    Miroslav Glavi?

    (@miroslavglavic)

    @wslade , whenever a site gets hacked, it could be due to the host’s lack of security.

    @robnyc , I want you to do the following:

    1) Change your Control Panel password
    2) Change your mysql database password
    3) Update wp-config.php with the new database password
    4) Change your WordPress password to something that is not easy, Use a 15 character password.
    5) Check your users (if you are not the only one on the site), any “funny” users, delete them
    6) Update WordPress to 4.1 (if not there already)
    7) Update Your theme (if not there already)
    8) Upodate Your plugins (if not there already)

    When you do all that, then come back and update us.

    andywar65

    (@andywar65)

    Add this one:
    9) Check for outdated plugins, plugins that are no longer developed

    icotulookin

    (@icotulookin)

    Get the FREE plug in Wordfence and you will never have that problem again. I have 4 different sites I used to get the same thing you do. Haven’t had a problem since and the great thing…. It’s FREE!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Hacked constantly’ is closed to new replies.