10 {{ upvoteCount | shortNum }}
10 {{ upvoteCount | shortNum }}

My Website Got HACKED!!!

by vema123
8 replies
I have a new website (WP based) and it's got 5 original contents already, and suddenly this morning I found out that it got hacked by BCA (Brazilian cyber army). My website is learnindonesian.net

What should I do now?

1. After I reinstall WP by using Fantastico Deluxe in cpanel, is it enough to fully remove all the hackers' trace within my site, so that there's no way that they can hack my site back later on?

2. After I reinstall WP & new contents, will Google degrade my domain?

3. What should I do to prevent such a thing to happen again?

thanks for all your answers
#hacked #website
  • Profile picture of the author Michael71
    There are tons of tutorials about hardening WP.

    If you can't do it, or you don't want to do it, then pay someone to do it for you.

    It's strange, I run several blogs... even on of my blogs got attacked... but NEVER hacked.
    Because I know how to make it hard for attackers.
    Signature

    HTML/CSS/jQuery/ZURB Foundation/Twitter Bootstrap/Wordpress/Frontend Performance Optimizing
    ---
    Need HTML/CSS help? Skype: microcosmic - Test Your Responsive Design - InternetCookies.eu

    {{ DiscussionBoard.errors[7990599].message }}
  • Profile picture of the author Nuutero
    Did you have plug-ins? Some plugins might be vulnerable to hackers so don't install any shady ones. You should also change your password to a more complicated one. WP has been under massive bruteforcing attacks so you should use numbers and special characters in your password.
    Signature
    The simple things and subtleties they always stay the same
    I don't mind, that I don't mind, no, I don't mind the rain
    Like a widow's heart
    We fall apart
    But never fade away
    {{ DiscussionBoard.errors[7991750].message }}
    • Profile picture of the author Karen Blundell
      Sorry this happened to you.

      Uninstalling WordPress, deleting the existing database and starting all over will remove the hackers code.

      But you should take great pains to protect your site starting by not using "admin" as your username and installing Secure WordPress plugin which hides the version of WordPress you are using, among other things.

      After 6 years, I have dumped WordPress - as beautiful as WordPress is - I would recommend you use something that most people don't use to run your site -
      stay away from WordPress, Joomla, Drupal.

      Don't follow the crowd and you'll have less of a chance of getting hacked or attacked.
      Signature
      ---------------
      {{ DiscussionBoard.errors[7991910].message }}
  • Profile picture of the author WebdevelopmentGroup
    send me a (PM) I'll give you a hand.
    Signature
    WebDevelopmentGroup NYC & CA- Small Business Web Development, App Development, WordPress Development, Graphic Designs, Online Marketing, Local Marketing & more!. "Call us 1.800.219.1314 or message us!". Visit us today! "Now On Live Chat Mon-Fri.". www.WebDevelopmentGroup.org
    (Whitelable our Services)
    ===================================
    ==> #1 OFFLINE MARKETING FORUM ON THE WEB! <==
    www.OFFLINEMARKETINGFORUM.com     (Register Now)
    {{ DiscussionBoard.errors[7991946].message }}
  • Profile picture of the author Sarevok
    1) keep your wordpress installation and all plugins up to date.

    2) make your wordpress administrative account ID something unique. (not admin or administrator)

    3) make your password very hard to crack. (25+ characters, special characters, numbers, upper and lowercase letters)

    4) reduce the quantity of wordpress plugins in your WP installation. (the more code you have; the more potential vulnerabilities you have).

    5) make sure you know what your recovery email address is, and keep that secure too.
    Signature
    {{ DiscussionBoard.errors[7992548].message }}
  • Profile picture of the author danny0808
    I had a similar experience with WordPress, but I managed to save the site. After that I installed Better WP Security plugin and solve problems with hacking. This plugin is really good, and raises security site on a high level. In addition to this I would advise and regular database backup. I hope this will be helpful.
    Signature
    PopArt Studio - Web Design, Graphic Design and Organic SEO
    {{ DiscussionBoard.errors[8003219].message }}
  • Profile picture of the author psvent
    What @Sarevok said!

    That is the basis and it's not hard to do even if you are not a developer or to tech savvy.

    No ONE plugin will provide 100% security but they can help you with securing your WP site.

    I would suggest to also focus on your .htaccess file (there is htaccess Control plugin) which can help you restrict access to your include only files, your wp-admin and wp-login.php etc.

    If you use W3 Total Cache you also have the option to install CloudFlare which helps you with DDos attacks.

    But as I said what Sarevok listed is a pretty solid base to harden your WP and you might also check Hardening WordPress « WordPress Codex.
    {{ DiscussionBoard.errors[8005069].message }}
    • Profile picture of the author so11
      You can never be sure if your website is secure, unless you do some proper testing.

      When you install bunch of plugins, harden and strip your configurations, how do you even know that it's working correctly? Is it because the merchant or WSO seller says so???

      When you get your car repaired, do mechanics test it before giving it back to you (I hope so)?
      When you put some salt in your soup, do you taste it before serving???

      It's the same with security.... everything needs to be tested.

      good luck
      Signature
      www.groupesoloviev.com
      We help businesses manage cyber risk and compliance requirements.
      {{ DiscussionBoard.errors[8005136].message }}

Trending Topics