Site hacked despite Wordfence and 2fa

  • Resolved maxphotoaustin

    (@maxphotoaustin)


    5 years, 8 months ago

    My site was hacked twice in the last month or so and I installed Wordfence after the second hack. I have turned on 2fa and have it set to alert me when someone logs into my account.

    However, someone was able to change the username and password of the admin account and locked me out today. I didn’t get an alert that anyone had logged into the account.

    I was able to get the username and password changed with the help of my host. I’m really just trying to figure out how this happened. All plugins and themes are up-to-date as well as WordPress and PHP.

Viewing 1 replies (of 1 total)

  • Hey @maxphotoaustin,

    I’m sorry to hear that you’ve run into this.

    In addition to changing your WordPress credentials, I’d suggest changing your sFTP, hosting control panel and database credentials.

    As far as to how this happened, it’s impossible for me to say. To find out how it happened you’d need to get with a hack repair service to take a look. However, from what you’ve mentioned it makes me wonder if this was a server level compromise versus a WordPress application compromise. If the site does become reinfected I’d definitely suggest getting with a hack repair service to find and patch the point of entry.

    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Thanks,

    Gerroald

Viewing 1 replies (of 1 total)
  • The topic ‘Site hacked despite Wordfence and 2fa’ is closed to new replies.