OptimizePress 1 getting hacked ever day.. what's the answer?

18 replies
Man... I have around a dozen OptimizePress1 sites, and now they're getting POUNDED by hackers every day. Seriously, pictures get deleted, files getting swapped around, and junk emial getting sent out through my domain names.

I have sites with HUNDREDS of pages built out, switching those to OptimizePress2 would be impossible, wouldn't it?

However, it seems like there's no way to keep patching up these sites, Optimize1 is - from that I've heard - getting abandoned by its creator, and I don't know what service I can buy or hosting I can use to prevent these hacks from happening day in and day out - what's the best answer for this?

Thanks so much guys, and be well,
-Dan
#answer #day #hacked #optimizepress
  • Profile picture of the author lotsofsnow
    [DELETED]
    {{ DiscussionBoard.errors[8805778].message }}
    • Profile picture of the author GaWdLy
      Originally Posted by hpgoodboy View Post

      Exactly.

      Download WordPress › BulletProof Security « WordPress Plugins, install it and enable it. Case solved.

      It is not OptimizePress that is getting hacked, it is WordPress by the way. Optimize press has nothing to do with the hacking issue.
      I like BPS security. The plugin works well, and the developer is willing to work with you and assist you with developing features and custom code.
      {{ DiscussionBoard.errors[8843941].message }}
  • {{ DiscussionBoard.errors[8805858].message }}
    • Profile picture of the author James Dyson
      Hi Dan

      James from OptimizePress here. Let me assure you we are not abandoning OptimizePress 1.0 - we know that we still have many people using the original platform even though OptimizePress 2.0 is now on the market.

      We are no longer adding features to this platform but are still currently supporting our original buyers where-ever possible. I can't guarantee that we will support this forever but for now we are still actively helping our customers with any issues they may have.

      Regarding your site being hacked - I am sorry to hear this. I'm not sure if you saw it but back in April we released a patch for a potential security vulnerability which could be exploited by hackers to gain access to your site. You should ensure you are running version 1.62 of OptimizePress to ensure that vulnerability is patched which should reduce the risk to your site.

      Once your site is patched you should consider running a scan using a plugin like Sucuri or Wordfence. I would also advise changing all passwords related to that site and add a plugin like "Limit Login Attempts" to prevent any brute force attacks on your WP login forms

      Hopefully that helps - if you need any further help please feel free to contact the OptimizePress support desk where my team will be happy to help you further
      Signature
      OptimizePress - Create Landing Pages, Sales Pages & Membership Sites in WordPress
      {{ DiscussionBoard.errors[8806631].message }}
      • Profile picture of the author DanFaggella
        James has got the "google alerts" on BLAST! Thanks for the personal response, my good man, I may be misled by the folks who're diagnosing my issues.

        Trust me, some of us are still in love with Optimize1 (literally...), and I'm glad it's supported still. I'll make sure we've got the patch on the sites that matter for us, as well as Wordfense.

        Is there a monthly or weekly checklist I should go through in order to prevent these issues? IE: Running a wordfense scan weekly, or - changing passwords monthly - etc...

        The issue with the plugins is that most of us internet bozos download it and use it once. Taking 10 minutes each day to run it would of course be inhibitive to productivity to a vast extent for most of us with smaller sites, but maybe weekly is the thing to do?

        Anyone out there have good habits about this?

        Thanks so much and catch up soon,
        -Daniel
        {{ DiscussionBoard.errors[8808030].message }}
        • Profile picture of the author Wayne
          Originally Posted by DanFaggella View Post

          James has got the "google alerts" on BLAST! Thanks for the personal response, my good man, I may be misled by the folks who're diagnosing my issues.

          Trust me, some of us are still in love with Optimize1 (literally...), and I'm glad it's supported still. I'll make sure we've got the patch on the sites that matter for us, as well as Wordfense.

          Is there a monthly or weekly checklist I should go through in order to prevent these issues? IE: Running a wordfense scan weekly, or - changing passwords monthly - etc...

          The issue with the plugins is that most of us internet bozos download it and use it once. Taking 10 minutes each day to run it would of course be inhibitive to productivity to a vast extent for most of us with smaller sites, but maybe weekly is the thing to do?

          Anyone out there have good habits about this?

          Thanks so much and catch up soon,
          -Daniel
          Wordfence will automatically scan your site each day and you can set it up to email
          alerts to you.
          {{ DiscussionBoard.errors[8855704].message }}
      • Profile picture of the author BigGameHunter
        Originally Posted by James Dyson View Post

        Hi Dan

        James from OptimizePress here. Let me assure you we are not abandoning OptimizePress 1.0 - we know that we still have many people using the original platform even though OptimizePress 2.0 is now on the market.

        We are no longer adding features to this platform but are still currently supporting our original buyers where-ever possible. I can't guarantee that we will support this forever but for now we are still actively helping our customers with any issues they may have.

        Regarding your site being hacked - I am sorry to hear this. I'm not sure if you saw it but back in April we released a patch for a potential security vulnerability which could be exploited by hackers to gain access to your site. You should ensure you are running version 1.62 of OptimizePress to ensure that vulnerability is patched which should reduce the risk to your site.

        Once your site is patched you should consider running a scan using a plugin like Sucuri or Wordfence. I would also advise changing all passwords related to that site and add a plugin like "Limit Login Attempts" to prevent any brute force attacks on your WP login forms

        Hopefully that helps - if you need any further help please feel free to contact the OptimizePress support desk where my team will be happy to help you further
        Hi James,

        Glad to see your monitoring all discussions about OptimizePress here on Warrior.

        I like the OP have Optimizepress v.1.
        I keep it updated on all my sites with no glitches. But, if your not going to support it forever what do we have to do to update to OptimizePress v.2? I don't remember receiving any info in my email about how to update. Just looked in the members area and don't see anything about how Version 1 users can update to version 2.

        Is the framework really that different that we need to hire a programmer to make the updates? If the framework is that different do you have tutorials showing how to make the changes?

        Thanks
        Jim
        Signature

        Always looking for the best service providers on Warrior Forum.

        {{ DiscussionBoard.errors[8840581].message }}
        • Profile picture of the author bigballin6161
          Originally Posted by BigGameHunter View Post

          Hi James,

          Glad to see your monitoring all discussions about OptimizePress here on Warrior.

          I like the OP have Optimizepress v.1.
          I keep it updated on all my sites with no glitches. But, if your not going to support it forever what do we have to do to update to OptimizePress v.2? I don't remember receiving any info in my email about how to update. Just looked in the members area and don't see anything about how Version 1 users can update to version 2.

          Is the framework really that different that we need to hire a programmer to make the updates? If the framework is that different do you have tutorials showing how to make the changes?

          Thanks
          Jim
          I think you have to buy OP 2. Even if you have OP 1 they are totally different.
          {{ DiscussionBoard.errors[8840653].message }}
          • Profile picture of the author Teravel
            Originally Posted by dudelive View Post

            Bullet Security
            Originally Posted by hpgoodboy View Post

            Exactly.

            Download wordpress.org/plugins/bulletproof-security/, install it and enable it. Case solved.

            It is not OptimizePress that is getting hacked, it is WordPress by the way. Optimize press has nothing to do with the hacking issue.
            I have no experience with Bullet Security, but they are right to suggest a security feature. Wordpress is not a very secure piece of software, as it is open source. It is more likely a Worpress vulnerability that is being used to break into your websites, and not OptimizePress.
            Signature

            "Failure is feedback. Feedback is the breakfast of champions." -Fortune Cookie

            PLR Packages - WSO

            {{ DiscussionBoard.errors[8840725].message }}
          • Profile picture of the author BigGameHunter
            Originally Posted by bigballin6161 View Post

            I think you have to buy OP 2. Even if you have OP 1 they are totally different.
            I liked OP v.1 so much I stopped looking. I see OP 2.0 is completely different and I have to buy it again. Don't have a problem with that.

            Just wondering how much trouble I am going to have with the transition as the original poster suggests.

            Thanks for your help
            Signature

            Always looking for the best service providers on Warrior Forum.

            {{ DiscussionBoard.errors[8846628].message }}
        • Profile picture of the author BigGameHunter
          Originally Posted by BigGameHunter View Post

          Hi James,

          Glad to see your monitoring all discussions about OptimizePress here on Warrior.

          I like the OP have Optimizepress v.1.
          I keep it updated on all my sites with no glitches. But, if your not going to support it forever what do we have to do to update to OptimizePress v.2? I don't remember receiving any info in my email about how to update. Just looked in the members area and don't see anything about how Version 1 users can update to version 2.

          Is the framework really that different that we need to hire a programmer to make the updates? If the framework is that different do you have tutorials showing how to make the changes?

          Thanks
          Jim
          Found the answer to my question above:
          The problem with your suggestion is that OP2 is completely new software that is built from the ground up and not an upgrade from OP.
          So if we were to replace your pages, you will have to design them again from scratch, which will be a painstaking process since it will require going into the Page Builder and Live Editor to make the edits.

          However, it's not all doom and gloom. OP2 also works as a plugin, so you can still run your current OP1 setup as a theme whilst having OP2 as a plugin and have them both running side by side. you will still be able to create pages with OP1as well have all the updated functionality of OP2 and create pages using the tool if you desire.
          This will ensure that your site doesn't break.

          Hope This Helps






          Signature

          Always looking for the best service providers on Warrior Forum.

          {{ DiscussionBoard.errors[8855384].message }}
  • Profile picture of the author EPoltrack77
    Man, thats a good one. I use optimizepress on everything I do. Do you keep your comments clean using the Akismet plugin? Also what about changing your crudentials?
    Signature
    Targeted Viewers! All your traffic needs in one spot. Get seen today!
    Click Here Now
    {{ DiscussionBoard.errors[8846637].message }}
  • Profile picture of the author betterwtveter
    I have a partner that uses optimizepress, but I just have not gotten around to using it, but it is recommended.
    {{ DiscussionBoard.errors[8855580].message }}
  • Profile picture of the author Moneymaker2012
    Found the answer to my question above:
    The problem with your suggestion is that OP2 is completely new software that is built from the ground up and not an upgrade from OP.
    So if we were to replace your pages, you will have to design them again from scratch, which will be a painstaking process since it will require going into the Page Builder and Live Editor to make the edits.
    However, it's not all doom and gloom. OP2 also works as a plugin, so you can still run your current OP1 setup as a theme whilst having OP2 as a plugin and have them both running side by side. you will still be able to create pages with OP1as well have all the updated functionality of OP2 and create pages using the tool if you desire.
    This will ensure that your site doesn't break.
    Hi BigGameHunter,
    Thanks for sharing this amazing information now i am going to use OP2 as a plugin.
    {{ DiscussionBoard.errors[8855636].message }}
  • Profile picture of the author malcsimm
    Dan - if you have a look at your error logs in cPanel you will see hackers trying to attack your WP install every single day - line after line after line!

    Seeing this makes you realise just how many people are trying to hack you. You deffo need a security plugin!

    Good to see that James is on the ball giving feedback about OP.

    Cheers

    Malc
    Signature

    You WILL banish # Procrastination, # Email bloat, # Wasting time, # Wasting money
    Getting Things Done PLUS Evernote turned my life around - read here how I do it
    {{ DiscussionBoard.errors[8855750].message }}
  • Profile picture of the author Jennie Heckel
    Hi Dan,

    This may be a foolish question but as a web programmer and a web developer sometimes it is the SIMPLE thing you forgot to do that is getting your site hacked.

    1. Did you disable the default "Admin" user name and "Admin" password?

    2. Did you change your password or do you keep saved passwords in your web browser?

    3. I would try this program at CCleaner.com (it's free and no I am not an affiliate) to clear out your Internet cache and BE SURE TO HAVE IT CHECKED TO NOT SAVE PASSWORDS. It is a headache to reinsert your passwords but I have a STRONG suspiction that your COMPUTER IS HACKED and that is how they are getting into your sites with a key logger or similar keyboard tracking software.

    4. I would also recommend a high end Antivirus like Kaspersky (no I am not an affiliate) as that is the only program I will use and I host over 50 websites on my reseller account. I have used it over 10 years with no problems and never being hacked. I use it on my own computers, servers to eradicate viruses, worms, bad computer bugs, and it should pick up any suspicious logins or file access like a key logger would do.

    5. Another thing to think about is I only use a Windows VPS server and only do html based sites and I have had sites up for over 15 years that have never been changed that are safe from hackers.

    (BTW I no longer have blog sites as they are too high maintenace with all the updates and plugins you have to use to plug the security holes.)

    Blogs are fiine but you have to be very techincally savvy in order to maintain them and prevent hacker intrusions because as soon as you add another plugin or do a new Wordpress or OptimizePress update you open up the blog to a new way for a hacker to get in.

    Just a thought...

    Jennie Heckel
    Sales Letter Copywriter
    SEO Expert Consulting
    Signature
    ******* WSO & JV ZOO COPYWRITER -- VLS & SALES LETTERS PROVEN TO CONVERT ******* Get Higher Profits From Launches That SELL! Proven Copywriter with 17 Years of Copywriting Experience. Contact Me Via Skype: seoexpertconsulting Copywriting Website: http://www.VideoScriptCopywriter.com

    {{ DiscussionBoard.errors[8855948].message }}
    • Profile picture of the author Karen Blundell
      I agree with Jennie's suggestions -

      I no longer use WordPress for any of my sites and every new site I create from now on will be straight HTML 5 and CSS3 - no more open source scripts - especially not the most common ones. It's just not worth the aggravation and risk.
      Signature
      ---------------
      {{ DiscussionBoard.errors[8856342].message }}
  • Profile picture of the author bhaynet1
    Hi James & fellow warriors -

    I have both OP 1 & 2 - and while OP 2 has a lot of new features, drop & drag builders, etc - I was quite disappointed that many of the basic IM functions we expect in a squeeze page or sales page are completely missing from OP 2.

    Also - OP 2 has conflicts with a number of themes and plugins - so if you want OP2 - best to check their known conflicts page. HybridConnect is one - and I know that the page builder would freeze & I would have to disable every single plugin to fix it - even my database backup plugins.

    James did say last fall that he would consider adding in the previous functions (could not build a basic sales box with a perforated border at all, also could not add custom text with a check box (ex. "Yes! Sign me up - I understand I will be billed, etc" - which btw - is required by the FTC).

    While I do like the appearance of OP2 - nice squeeze pages similar to leadpages.net - BUT if you want function - then please ask James to hear you & either continue OP1, or sell it to someone who will maintain it -or add back the functions of OP1 into OP2.

    Wishing you all much success & happiness.
    {{ DiscussionBoard.errors[8856969].message }}

Trending Topics