WordPress Site Hacked Twice--Help Appreciated

13 replies
Hi Warriors,
We just branched out into a new niche 6 months ago and registered a new domain. It looks like it has been hacked twice, even though we have switched servers, changed passwords, etc.

I read another thread where someone requested that we don't give the domain name and spread the virus/hack, that's why I left it out.

Here are the details:

Before the homepage opens, a box pops up with this message:

"An applet is requesting access to your computer. The digital signature could not be verified."

When you ask for details, this message appears:
"Microsoft Corporation self-signed certificate Expires 9/11/11
This certificate is not trusted"
Clearly it is a bogus certificate.

The first time this happened, we changed the whole website to a new server and had it recoded.

This time, right as we're taking registrations for a teleseminar, all the pages default to the home page and the registration for the teleseminar has disappeared.

Also, when I check my cookies, there's one for our site, but I didn't think we'd installed a cookie at all.

Obviously, we need to fix this ASAP.

Would switching from WordPress back to HTML help protect us?
Thanks in advance
  • Profile picture of the author tsquez
    First off: where are you hosted?

    Second: are you hosted on a Windows server or a Linux server?

    Third: what's the URL?
    • Profile picture of the author JBaszile
      For the first hack incident we were on HostiCan, then we changed to Bluehost. I think we are on a Windows server, but not sure because someone else set it up.
      The url is chiropracticmarketinginsider.com

      Thanks for asking.
  • Profile picture of the author haymanpl
    [DELETED]
    • Profile picture of the author JBaszile
      Thanks for those suggestions, I'll start implementing them right away. I appreciate the feedback!
  • Profile picture of the author Tim Franklin
    Just out of curiosity, did you use Fantastico to install your WordPress websites on both hosts?
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    • Profile picture of the author JBaszile
      Originally Posted by Tim Franklin View Post

      Just out of curiosity, did you use Fantastico to install your WordPress websites on both hosts?
      Not sure about Fantastico because someone else did the install. I'll try and find out. Would Fantastico make us more vulnerable?
      • Profile picture of the author Karen Blundell
        Originally Posted by JBaszile View Post

        Not sure about Fantastico because someone else did the install. I'll try and find out. Would Fantastico make us more vulnerable?

        Yes, if you don't know what you are doing and rely only on the default install without doing a few of the steps to make it more secure. A manual WordPress install works the best.

        One of the biggest reasons WordPress sites get hacked is that they are using older versions of WordPress and not using any security at all. Older plugins can easily be compromised as well. Hide your plugin folder by putting a blank index.html file in the main plugin folder or get this plugin:
        WordPress › Secure WordPress « WordPress Plugins
        • Profile picture of the author JBaszile
          Hi Karen.
          Thanks for that clarification and great information. I will act on it. You've helped a lot.
          • Profile picture of the author xtrapunch
            Seems like you have managed to get your site up. I wonder why anyone would bother to hack a simple website? Your site might have become a victim due to an attack on another website on the server.

            If you want, you can switch to WordPress. It will make managing the website a lot easier. I have a minisite WP theme which I can give to you for free. It should be perfect for your website, which is in need of some improvements.
            Signature
            >> Web Design, Wordpress & SEO - XtraPunch.com <<
            Web Design & SEO Agency | Serving World Wide from New Delhi, India
            • Profile picture of the author JBaszile
              We're hosting a webinar shortly and require signups, so until we get this sorted out, we're going with a 2 page site. Before that we had about 15 pages.
  • Profile picture of the author chimehost
    You are on a cPanel account (Linux)

    First, make sure all your files are clean --

    - Make sure you have a good antivirus program installed on your computer
    - Generate backup by logging into cPanel - Chiropractic Marketing |Chiropractic Websites| Marketing Chiropractors
    - Download the backup
    - Unzip the backup and scan it with antivirus. If you have a good antivirus program, the system will start notifying you of files that are infected.
    - If you discover viruses, find the path or directories where those infected files are located.
    - Go to FTP and delete those infected files

    After that, make sure to install the latest version of WordPress and change your cPanel login and database information for your WordPress installation.
    Signature

    Our Brands - Website and VPS Hosting by PhotonVPS and Dedicated Hosting by Psychz

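An added example, not part of chimehost's post: a check that complements the antivirus scan by comparing the `wp-admin` and `wp-includes` folders of the unpacked backup against a clean copy of the same WordPress release unpacked next to it. It assumes you have such a clean copy; the two directory trees and their file contents below are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path

CORE_DIRS = ("wp-admin", "wp-includes")  # WordPress core; site owners do not edit these


def sha256_of(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def compare_to_clean(backup_root, clean_root):
    """Core files in the backup that differ from, or are absent in, the clean copy."""
    backup_root, clean_root = Path(backup_root), Path(clean_root)
    report = {"modified": [], "extra": []}
    for core in CORE_DIRS:
        if not (backup_root / core).is_dir():
            continue
        for path in sorted((backup_root / core).rglob("*")):
            if not path.is_file():
                continue
            rel = path.relative_to(backup_root)
            reference = clean_root / rel
            if not reference.is_file():
                report["extra"].append(rel.as_posix())
            elif sha256_of(path) != sha256_of(reference):
                report["modified"].append(rel.as_posix())
    return report


def demo():
    """Constructed trees: a clean reference and a backup with two planted differences."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, backup = Path(tmp, "clean"), Path(tmp, "backup")
        for root in (clean, backup):
            (root / "wp-admin").mkdir(parents=True)
            (root / "wp-includes").mkdir()
            (root / "wp-admin" / "index.php").write_text("<?php // admin entry\n")
            (root / "wp-includes" / "load.php").write_text("<?php // loader\n")
        # Differences planted for the demonstration (placeholder text only).
        (backup / "wp-includes" / "load.php").write_text("<?php // loader, altered\n")
        (backup / "wp-includes" / "cache.php").write_text("<?php // not in the release\n")
        return compare_to_clean(backup, clean)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Files reported as `modified` or `extra` in the core folders are the ones to inspect first; themes, plugins and uploads under `wp-content` are outside this comparison.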
    • Profile picture of the author JBaszile
      Thanks for this Chimehost. Great detailed information. I'll be up this evening working this through.
  • Profile picture of the author Tim Franklin
    As Karen states, a manual install is simply the best thing you can do for your website, along with a few simple steps to make your website more secure. I have been using a manual installation for years, since 1.0, and I can tell you that if you want trouble, use an automatic installer; it will cause you no end of issues, troubles, hacks, and even cause your hair to fall out.

    Anything that is predictable can cause you a problem, and the one thing that is the same every time you use an auto installer to install WordPress is that there are default values that are used every time you use that process. When you use default values, it is like setting your password to "password" or some equally dangerously simple password.

    Default values can lead to hacks; it is really just that easy. When you use predictable data as a value in a PHP script, it is only a matter of time before you regret doing so.

    When you do that you are inviting the Vampire into your home.

    I know that there are so-called "Guru" Marketers that tell you to use this process, but the truth is that Gurus do not know everything even though they may want you to believe they do. The truth is they never bothered to look beyond the limited knowledge they can understand by reading a five minute PDF file.

    Gurus are not Geeks. They are good sales people, that's it. They can sell stuff, and there are some that are darn good at selling stuff, but they are not Programmers, so I always recommend that you take anything a "Guru" tells you with a grain of salt.

    @Karen By the way, nice plugin, looks interesting, will have to have a look at it.
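The checks that Karen Blundell's and Tim Franklin's posts point at, as an added example that is not code from any poster: it reads an unpacked copy of the site and reports an outdated core version, a main plugin folder with no index file, and one installer default. The `wp_` table prefix is chosen here for illustration (the posts do not name specific default values), and the version numbers and file tree are constructed.

```python
import re
import tempfile
from pathlib import Path


def version_tuple(text):
    """'3.1.3' -> (3, 1, 3), padded so '3.2' and '3.2.0' compare equal."""
    nums = [int(n) for n in re.findall(r"\d+", text)][:3]
    return tuple(nums + [0] * (3 - len(nums)))


def php_string(path, variable):
    """Value of a `$variable = '...';` assignment in a PHP file, or None."""
    pattern = r"\$" + re.escape(variable) + r"\s*=\s*['\"]([^'\"]*)['\"]"
    text = path.read_text(errors="replace") if path.is_file() else ""
    match = re.search(pattern, text)
    return match.group(1) if match else None


def audit_wordpress(root, current_release):
    """Findings for the WordPress tree unpacked at `root`."""
    root, findings = Path(root), []
    version = php_string(root / "wp-includes" / "version.php", "wp_version")
    if version is None:
        findings.append("version: wp-includes/version.php not readable")
    elif version_tuple(version) < version_tuple(current_release):
        findings.append(f"version: {version} is older than {current_release}")
    if php_string(root / "wp-config.php", "table_prefix") == "wp_":
        findings.append("defaults: table prefix is still wp_")
    plugins = root / "wp-content" / "plugins"
    has_index = any((plugins / n).is_file() for n in ("index.html", "index.php"))
    if plugins.is_dir() and not has_index:
        findings.append("plugins: no index file in the main plugin folder")
    return findings


def demo():
    """Audit a constructed sample tree (not the poster's site)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-includes").mkdir()
        (root / "wp-content" / "plugins").mkdir(parents=True)
        (root / "wp-includes" / "version.php").write_text("<?php\n$wp_version = '3.0.1';\n")
        (root / "wp-config.php").write_text("<?php\n$table_prefix  = 'wp_';\n")
        return audit_wordpress(root, "3.2")


if __name__ == "__main__":
    print("\n".join(demo()))
```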
    • Profile picture of the author JBaszile
      Thanks Tim, this post was informative and funny too. I've learned the hard way about the auto install and default values.