25 {{ upvoteCount | shortNum }}
25 {{ upvoteCount | shortNum }}

wordpress sites being hacked

by K1
20 replies
Hi Guys,

One of my wordpress sites constantly gets hacked by

aSDELY-ScOrPiOn

Is there a way to prevent this?

I have the latest wordpress installed and changed all my passwords and usernames but that doesn't seem to stop them.

Does anyone have a solution for this?

Thanks!
#hacked #sites #wordpress
  • Profile picture of the author djleon1
    Have you uploaded any plugins from places other than WP or your Theme?
    {{ DiscussionBoard.errors[1666518].message }}
  • Profile picture of the author richdirtygirl
    Originally Posted by K1 View Post

    Hi Guys,

    One of my wordpress sites constantly gets hacked by

    aSDELY-ScOrPiOn

    Is there a way to prevent this?

    I have the latest wordpress installed and changed all my passwords and usernames but that doesn't seem to stop them.

    Does anyone have a solution for this?

    Thanks!
    you need to identify the entry point.

    did you change the ftp passwords too?

    there is something called log files. I don't really know what it is, but my tech gal looks around there from time to time.

    if you have an account with addons, the entry point could be a different one than the attack one.

    and finally, look at the toys you add to your blog, and make a search for each one of them, there might be one that is broken.

    Laura
    Signature
    [WSO] Crazy Offer: Get access to my UNRESTRICTED PLR Article Directory for coins.
    [FREE WSO] Step by Step guide to record and edit podcasts. Newbie friendly.
    2 PLR articles a day FREE for a whole year!
    Uncensored... Wanna play with me? ;) http://twitter.com/richdirtygirl
    Blog fun! http://www.richdirtygirl.com/
    {{ DiscussionBoard.errors[1666527].message }}
  • Profile picture of the author K1
    Thanks!!!

    I do have plugins, but how do I determine the entry point. I'll look in the log files to see if I could spot anything suspicious.

    Thanks for your help, really appreciate it.
    {{ DiscussionBoard.errors[1666546].message }}
    • Profile picture of the author jasonboom
      What permissions are your folders - They should be 755, not 777. When you say you're hacked, what are the hackers doing? Are they replacing your index page with a hacked page?

      The log file on the server displays all activity for your site, so you should be able to see if the user was somehow uploading a file to a open write folder or some other such thing.
      {{ DiscussionBoard.errors[1666559].message }}
  • Profile picture of the author HostColor
    Did you find how did you get hacked? If you know how anyone broke into your WP account, then you shall be able to fix it. I would suggest to add password protected login pages.
    Signature
    HostColor.com
    Cloud Servers, Infrastructure Hosting & Managed Services
    Data centers in U.S. and Europe
    {{ DiscussionBoard.errors[1666563].message }}
  • Profile picture of the author jasonmorgan
    your hosting provider should be able to help you out on this stuff and if they can't you might want to find better hosting..
    Signature

    I'm all about that bass.

    {{ DiscussionBoard.errors[1666615].message }}
  • Profile picture of the author Daniel Adams
    Another trend to watch out for is that some hackers are getting access to your WP blog because of a trojan on your local computer. The trojan enables them to access your FTP account, so it's irrelevant if you change your password.

    Make sure your system is clean. More info
    WordPress › Support KoiQBOL hack/worm
    {{ DiscussionBoard.errors[1666646].message }}
  • Profile picture of the author Abledragon
    One of my customer's sites was hacked recently and, two and a half hours after I'd finished completely reinstalling it, it was hacked again!

    Here are the gory details and the steps I took:

    http://www.wealthydragon.com/blog/20...ity-wordpress/

    Cheers,

    Martin.
    Signature
    WealthyDragon - Earning My Living Online
    {{ DiscussionBoard.errors[1666993].message }}
    • Profile picture of the author LuisEAvila
      What exactly happens when you log in to your site? does it redirect? My sites got hacked recently but it was due to a virus on my computer. the virus then infected some of my plugins and themes.

      Run your website through Dr.Web online check and see what happens. It could be that the they are hacking your site through a virus on your computer.
      {{ DiscussionBoard.errors[1668189].message }}
      • Profile picture of the author reapr
        Whos you host some are more vulnerable?
        Signature
        Free Niche Keywords and Niche Ideas!
        {{ DiscussionBoard.errors[1668237].message }}
      • Profile picture of the author Traffic_Is_King
        You need to be very careful of plugins that have forms. Hackers like to inject code through these forms into the sql database. The best thing is to avoid these plugins or plugins that don't update regularly.

        I would keep a strong password with a mix of 10 alpha-numberic characters with upper and lower case letters. Makes it very hard to crack. Also changing the WP prefix table to something unique instead of the default on installation is a good idea. This will make it hard to rewrite database tables if they inject code into your blog. Hope this helps you out.
        Signature
        [WARRIORS LISTEN!] If You Have Over +250 Sales Of Your WSO Product Definitely Read This!
        {{ DiscussionBoard.errors[1668265].message }}
        • Profile picture of the author JanTel
          Scary stuff this hacking....Lots of graft disappears because of some scumbag who needs blasting into cyberspace...

          Tried to login to a blog yesterday and up came "Real_Karizma - Death System" Your Blog Has Been Hacked - extremists in Turkey

          Luckily the blog has only just been set up, so there's not much content. Makes you worry about all the other sites with heaps of content....

          When you try and log in to the hacked blog it says "username incorrect" - is it possible to get in? Is it worth it?

          I host with H9 and the only plugin on this blog is All in One SEO - how and why did they get in??

          What do I look for in the logs?

          Thanks

          Terry
          {{ DiscussionBoard.errors[1671022].message }}
    • Profile picture of the author SuiteJ
      Originally Posted by Abledragon View Post

      One of my customer's sites was hacked recently and, two and a half hours after I'd finished completely reinstalling it, it was hacked again!
      Same thing happened to me, but luckily my customer uses Hostgator and I had them do the dirty work. They're sooo much better than some of those "other hosts".

      Ive had customers tell me some pretty surprising things about the responses they get from their hosting companies on simple questions and quick fixes.
      {{ DiscussionBoard.errors[1671153].message }}
  • Profile picture of the author Mrs_Mo
    Since the thread is about CMS being hacked,
    I always wanted to ask .....

    Is there any Mysql firewal that could be installed to prevent that???

    what happens if you put an entired site behind the SSL certificate? I know that's not even practical, but would that prevent haccking?
    {{ DiscussionBoard.errors[1671045].message }}
  • Profile picture of the author TheRichJerksNet
    Yes I do have a solution ... See your PM for a free copy of WordPressSecured.. No opt-in or anything required, just trying to help out ...

    James
    {{ DiscussionBoard.errors[1671346].message }}
  • Profile picture of the author AdBankPro
    Try Digital Access Pass...Not mine, just a friendly plug for the guy. It works fantastically.
    Signature

    Phil Benham

    {{ DiscussionBoard.errors[1671382].message }}
  • Profile picture of the author Letterman
    Fellow warrior Craig Desorcy [SP] has a product called "Blog Lockdown" which
    might be a consideration in this case. He has a free no opt-in WordPress "How To"
    currently in the War Room. Read to the bottom of that post for further info. Good
    Luck....
    {{ DiscussionBoard.errors[1672964].message }}
  • Profile picture of the author MaryT
    a lot of websites hacking start on your computer, in fact there is a script that launch and collect all your users/password that you stored in firefox. Especially in IM where you work with script and software on a daily basis.

    a lot of people think firefox is safe, but that's where the hacker attack. You must usually can make a complete scan of your computer and find the file that permitted.


    Another common source is the server hacked, when you use shared hosting. We had an issue on a hostgator server with some partners. And from there we moved to a dedicated server that we share to avoid all the troubles.

    this is a serious issue, as most hosting company don't keep backup of your site. If you publish content daily, you need to have a backup of your sites running daily.

    so use a secured password manager to store your password and avoid to use the browser password options, especially with your banking information.
    Signature

    ..--> White Death : the Sniper Who Killed 705..in 100 Days. Will you be the next!..coming soon..
    ...
    ..-->*FREE WSO*<-- Beat Super Affiliates at their own game..Shocking! Sniper Affiliate Tools.[*FREE WSO*]

    {{ DiscussionBoard.errors[1673780].message }}

Trending Topics