7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

Site Hacked By Casino Pages - Help Please

by zimbizee
5 replies
Hi whilst checking on a site in google i was distressed to so see several pages have been added to the site. Obviously the site has been breached in someway even though i have all plugins upto date and have wordfence etc installed.

For example in google this is what i see(name of site changed)

Best slot machines to play - My Website
http://www.mywebsite co uk/best-slot-machines-to-play

I am currently going through all he code but i'm an amateur at best.

Any ideas on how i go about finding where or how they got in and where the code will be?

Thanks in advance
#casino #hacked #pages #site
  • Profile picture of the author DABK
    If you're using shared hosting, the hosting company's help desk would be a great place to get help.

    Originally Posted by zimbizee View Post

    Hi whilst checking on a site in google i was distressed to so see several pages have been added to the site. Obviously the site has been breached in someway even though i have all plugins upto date and have wordfence etc installed.

    For example in google this is what i see(name of site changed)

    Best slot machines to play - My Website
    http://www.mywebsite co uk/best-slot-machines-to-play

    I am currently going through all he code but i'm an amateur at best.

    Any ideas on how i go about finding where or how they got in and where the code will be?

    Thanks in advance
    {{ DiscussionBoard.errors[9882580].message }}
  • Profile picture of the author Gelhost
    Seems like its more of a Malware, if you have a VPS you could run Linux Malware Detect (LMD) .If not, you might have to ask your shared company to tun a LMD scan for you.
    {{ DiscussionBoard.errors[9882735].message }}
  • Profile picture of the author zimbizee
    Found it, they got in via the wp super cache plugin which wasn't even activated. Removed the plugin and the redirects to the casino sites stopped. Had google remove the offending pages via webmaster tools.

    Is there any way to completely secure a wp site to prevent this from happening again?
    {{ DiscussionBoard.errors[9883707].message }}
  • Profile picture of the author Talltom1
    Hi zimbizee,

    I recently had a similar situation with one of my client's wordpress sites. In my situation, they had also gained access to the website via a security hole in a plugin.

    One preventative measure I've implemented is a free plugin from Sucuri - their audit plugin. It really goes a long way toward locking down your site and preventing any unauthorized alterations or mods to files on your site. It also logs and protects against people trying to use the brute force login method. When I checked the log file for failed logins - it was absolutely eye-opening. It blows my mind that somebody has that much time on their hands to sit there and try to guess a password in order to log into your site. Sigh.

    At any rate, it captures all of the IP addresses from the failed logins, and once a week I collect these into a master list, and post that list to the htaccess file for each website.

    Tom
    Signature

    {{ DiscussionBoard.errors[9884133].message }}
  • Profile picture of the author Kingfish85
    The best thing to do would be to contact your website to see if they can locate the issue.
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[9884691].message }}

Trending Topics