TrafficTrade malware

  • Resolved abanjo

    (@abanjo)


    7 years, 7 months ago

    Hi,
    some days ago my web site was infected by TrafficTrade malware :
    https://www.wordfence.com/blog/2017/08/traffictrade-malware/

    This malware inserted in wp_options table a script that redirects my users to external web site.
    This script was in every page of the site.
    Seems that was vulnerability of my theme ( newspaper : https://themeforest.net/item/newspaper/5489609 ).

    Now i’ve installed “All In One WP Security & Firewall” plugin ( i think that is the most complete and easy to use ) ad i want to know if there is some particular configuration that i can adopt to prevent this attack in the future.

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, if the attack was introduce via a vulnerability in the theme you are currently using or used then I suggest that you always make sure that the theme used is up to date. However I will also point out that sometimes vulnerabilities are not discovered by the developers until someone else reports it.

    This plugin will help you keep your site protected at all times as long as your plugins and themes are up to date and most important your WordPress version is also up to date.

    You will need to go through the different security features available in the plugin and choose which ones suit you. Three features I highly recommend enabling in the plugin.

    1. Rename Login Page under Brute Force.
    2. Completely Block Access To XMLRPC: under Firewall.
    3. File Change Detection under Scanner.

    There is also the following pro feature service Site Scanners that will provide extra protection against malware in your site.

    Let me know if you need more help or information.

    Kind regards

Viewing 1 replies (of 1 total)
  • The topic ‘TrafficTrade malware’ is closed to new replies.

Tags