AGH!! WordPress site hacks, I'm playing whack-a-mole daily!!

Hi Guys

I have about 15 wordpress sites and they keep getting hacked, a combination of the main php file being modified as well as malware files being uploaded to my site.

Here are the steps I have taken so far:

Changed my hosting password
Changed my usernames from admin to something more cryptic
Changed the passwords
Installed Wordfence.
Updated all the themes (the original problem was due to a vulnerability in an old version of OptimizePress)
Updated all the plugins

What else can I do or use? Despite whatever I do, it happens every day and is really p....getting on my nerves.

Many thanks
Phil
  • arianna143
    Originally Posted by phil.wheatley View Post

    Hi Guys

    I have about 15 wordpress sites and they keep getting hacked, a combination of the main php file being modified as well as malware files being uploaded to my site.

    Here are the steps I have taken so far:

    Changed my hosting password
    Changed my usernames from admin to something more cryptic
    Changed the passwords
    Installed Wordfence.
    Updated all the themes (the original problem was due to a vulnerability in an old version of OptimizePress)
    Updated all the plugins

    What else can I do or use? Despite whatever I do, it happens every day and is really p....getting on my nerves.

    Many thanks
    Phil
    Yes, there is one more thing: remove the wp-admin page so that the hacker can't find the page to log in to your website. All of the above are fine.
    • phil.wheatley
      Originally Posted by arianna143 View Post

      Yes, there is one more thing: remove the wp-admin page so that the hacker can't find the page to log in to your website. All of the above are fine.
      Oh I see, how do you do that?
      Signature



      It's still not working for you??? Need direction?...
      ---->>>> BrainDirection.com <<<<----
  • tracker411
    Hi
    Most likely a hacker isn't entering your website through wp-admin unless you have a very weak user name and password. If you do, log in to phpMyAdmin and, under the table wp-users, change your user name to something other than admin and use a strong password.

    Most likely it is a PHP script or MySQL injection that is the culprit. If you don't get the files completely cleaned of any malicious code, the hacker can easily get back in to your files.

    Chmod your .htaccess and wp-config.php file to 0444.

    Also change your MySQL user name and password. Once you create a new database user name and password and add it to your wp-config.php file, delete your old db user name and password.
    Signature

    Hello Everyone

  • andreiluca
    Have you considered changing hosting location? It might not be your fault after all.
  • RobinInTexas
    Install the Anti-Malware (Get Off Malicious Scripts) WordPress plugin on all your sites and let it scan all of them.

    If you are on shared hosting, there are some exploits that create a backdoor to all the sites on your server. The backdoor may not be on the site where you see the problem.

    Who is your webhost? Some of them are less secure than others.
    Signature

    Robin



    ...Even if you're on the right track, you'll get run over if you just set there.
  • phil.wheatley
    Thanks Guys for all your suggestions.

    Yeah, one thing I already did was change all the logins from the default Admin, which I recommend everyone does.

    My hosting is Hostgator.

    Robin, thanks mate, I will install that plugin as that looks good!!

    Thanks
    Phil
  • hari12345
    WordPress sites are easily hacked....please follow the following things...

    1. Create a username and password for the wp-admin page
    2. Limit the login attempts to avoid brute force from hackers
    3. Change the default database prefix to something other than wp_dbname....
    4. Hide your WP version
  • wikiklix
    Great thread, I have been suffering the same frustrations with malware; it seems to be on the increase more recently. Thanks for sharing the steps you have taken.
  • tracker411
    I also recommend using the ithemes security plugin (formerly better wp security)
    https://wordpress.org/plugins/better-wp-security
  • kpmedia
    It's likely a plugin or theme with the hole that a hacker is exploiting.
    That's actually where most hacks come from.
  • WPcrew
    I use the iThemes Security plugin, and I can recommend it. There's a bunch of things you can do to improve security, so start reading:
    How to Protect WordPress Sites
  • nettiapina
    It seems that you might've not really cleaned the hacked sites. You know, the hackers often install a back door so that they don't lose access in case you decide to update WordPress. Updating old plugins and WordPress does nothing if the attack code is in the other plugins, in your upload folders, or other themes. It might also be in other old scripts under the same hosting account.

    At least reinstall every plugin, delete every theme you don't need, go through the .php files in the theme that you use, and search root, /wp-content and especially /wp-content/uploads folder for .php files that shouldn't be there. And see that there's no installed 3rd party scripts under your hosting account that are out of date.

    Wordfence might find attack code under the whole site, but it's not 100% accurate. I would also recommend iThemes Security.
    Signature
    Links in signature will not help your SEO. Not on this site, and not on any other forum.
    Who told me this? An ex Google web spam engineer.

    What's your excuse?
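
The file checks suggested in the replies above (tracker411's read-only wp-config.php and .htaccess, nettiapina's search for .php files that shouldn't be in /wp-content/uploads), as an added shell example that is not part of any poster's reply. The function names and the seven-day default are assumptions made here; the paths are the standard WordPress layout.

```shell
#!/bin/sh
# Added example: read-only audit of one WordPress docroot. Nothing is changed
# or deleted; every hit still needs a manual look.

# Files under wp-content/uploads that a PHP handler could run. Uploads should
# hold media only. "*.php.*" covers names such as x.php.jpg, which some Apache
# handler configurations still execute as PHP.
find_upload_php() {
    root=$1
    [ -d "$root/wp-content/uploads" ] || return 0
    find "$root/wp-content/uploads" -type f \
        \( -iname '*.php' -o -iname '*.php[0-9]' -o -iname '*.phtml' \
           -o -iname '*.phar' -o -iname '*.php.*' \) | sort
}

# PHP files anywhere in the docroot modified within the last N days (default 7).
# Compare the list with the dates of your own updates; unexplained changes to
# core, theme or plugin files are the ones to inspect first.
recent_php() {
    root=$1
    days=${2:-7}
    find "$root" -type f -iname '*.php' -mtime "-$days" | sort
}

# Print wp-config.php / .htaccess if any write bit is set (i.e. not 0444).
writable_config() {
    root=$1
    for f in "$root/wp-config.php" "$root/.htaccess"; do
        [ -f "$f" ] || continue
        if [ -n "$(find "$f" \( -perm -200 -o -perm -020 -o -perm -002 \))" ]; then
            echo "$f"
        fi
    done
}

# Usage: sh wp_audit.sh /path/to/site   (script name is a placeholder)
if [ $# -gt 0 ]; then
    echo "== executable file types under uploads =="; find_upload_php "$1"
    echo "== PHP files changed in the last 7 days =="; recent_php "$1" 7
    echo "== writable config files ==";               writable_config "$1"
fi
```

On shared hosting, run it once per site directory under the account, since a backdoor may sit in a different site from the one showing symptoms.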