Making Wordpress More Secure Suggestions?
Does anyone have a solution to prevent injection hacks on their Wordpress sites?
In particular, stopping some of these apparent injection hacks from MoroccanWolf. Google "AD4-Hacked by Moroccanwolf" and you'll see this guy all over the place.
I've had several sites get hacked and I can't figure out the entry point.
I've had sites with all kind of security plugins get hit -- Wordfence, All In One Security, iThemes Security, Limit Logins, etc. I'm pretty sure it's not a password attack since I don't see any kind of evidence in the retry log. I had a site with just the stock WP installed and even that got whacked so I don't think it was a plugin exploit...unless it was Akismet...That's why I'm suspecting some kind of injection.
The 3 things that seem to get changed are the Title, some junk getting inserted into the text widget, and the UTF encoding.
Thanks for any ideas.
Wendell
Services offered: PSD to Wordpress, Joomla, Drupal Templates or Full Site, Custom PHP or C# Programming, Fix problems on any software, and more.
You will get 25% OFF all services by mentioning the Warrior Forum. PM me here or email me to ivanphp404@gmail.com if interested and/or if you have questions.
List your no opt-in product here for free: No Opt In Required
I fix WordPress problems, PM me if you need help