  1. #1
    Junior Member SassyBiz's Avatar
    Join Date
    Sep 2014
    Posts
    5
    Member #
    40154

    WP site hacked several times!

    Hi guys - not sure if this is the right place to ask this question but here goes

    My site isn't even finished being designed yet & this is the first time since 1997 (when I started having websites up & running) that I've experienced this issue.

    In the last 4 weeks my site's been hacked 3 times. The first one was apparently sending out spam emails - the 2nd was apparently a phishing attempt for PayPal stuff and the 3rd I have no idea (I found a folder called "**** you mom" in there!)

    To stop this, I've talked to my host. They tell me their servers haven't been hacked - so we changed some passwords & I changed them again immediately to long strong PWs. That didn't work since the 3rd hack happened about a day later!

    My web designer / dev (she is a dev first, designer second), has used FTP to upload stuff to my site so I asked her to check THAT set up - PW (since I didn't set it up & haven't used FTP for this site yet myself).

    Luckily the site has little on it at this early stage of design etc, so we're deleting all & she'll do yet ANOTHER manual install for WP then upload my theme & plugins again.

    Can ANYONE shed any light on this problem & how to avoid it? It's making me very nervous about my site & the launch marketing sequences I have planned to run once the site is ready. My reputation will be down the drain if in the middle of my launch everything goes to ****!

    I'd appreciate any techie advice you can offer.

    Cheers
    Lyn
    Australia




    Sent from my iPad using Tapatalk

  3. #2
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    1) and 2) might not be hacks on your server. Sometimes emails can be "spoofed"...meaning people can alter the from field on the email to say pretty much whatever they want. Most good servers are configured to prevent this from occurring, but sometimes bad servers aren't; the reason is precisely that which you have come across.

    Let me give you an example, using your username. Let's say your site is sassybiz.com. It's hosted somewhere in Australia. A misconfigured server in say Russia might allow people to send emails as being from sales@sassybiz.com, and you'll never have any record of it since the emails weren't sent from your server. You'd need to examine the host headers of the emails and/or SMTP logs to be sure, though.

    3) ... that's a hack. That couldn't have happened any other way. Changing passwords alone doesn't prevent hacking, although it's good practice. Usually the addition of folders comes from one of a few things, in descending order of likelihood:

    1) Misconfigured permissions on the parent directory...my guess would be that it's the root directory of the site in this case.
    2) A piece of software on the server, such as cPanel, not being updated. As much as I am a critic of WP's security and bloat, I can't see it being the issue since if the first two issues were hacks, it probably doesn't explain them. I'd start with say cPanel or whatever your host uses.
    3) The operating system on the server needs to be updated.

    If your site sells a product or service and you have an SSL for it, I suggest getting a PCI scan either through your SSL or the payment processor.

    What's your site and who is your host? Yes, you're allowed to link to both because it's relevant to the original post. A mod just gave you permission. I suggest taking it.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)
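As an added example (not part of the post above or any poster's code): a short Python sketch of the header check post #2 describes, deciding from a stored copy of a complained-about message whether it actually left your host's mail server or only carried your domain in the From field. The domain, IP address and mail-server name are assumed placeholders, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed placeholders, not from the thread: your domain, your host's sending IP, the trusted recipient MX.
OUR_DOMAIN = "example.com"
OUR_MAIL_IPS = {"203.0.113.10"}
TRUSTED_MX = "mx.recipient.example"

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
AUTH_RESULT = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")

def border_hop_ip(msg):
    """Connecting IP recorded by the trusted MX; hops below it can be forged."""
    for hop in msg.get_all("Received", []):
        flat = " ".join(hop.split())  # undo header folding
        if f" by {TRUSTED_MX} " in f" {flat} ":
            found = IP_IN_BRACKETS.search(flat)
            return found.group(1) if found else None

def auth_results(msg):
    """spf/dkim/dmarc verdicts, taken only from the trusted MX's own header."""
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        flat = " ".join(value.split()).lower()
        if flat.split(";")[0].strip() == TRUSTED_MX:
            results.update(AUTH_RESULT.findall(flat))
    return results

def classify(raw):
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    ip = border_hop_ip(msg)
    if from_domain != OUR_DOMAIN:
        verdict = "not-our-domain"
    elif ip is None:
        verdict = "undetermined"
    else:  # forged From if the connecting IP is not our mail server
        verdict = "sent-via-our-server" if ip in OUR_MAIL_IPS else "spoofed-elsewhere"
    return {"border_ip": ip, "auth": auth_results(msg), "verdict": verdict}

def sample(ip, spf):  # constructed message, as a recipient's server would have stored it
    return (f"Received: from relay (relay [{ip}])\n by {TRUSTED_MX} with ESMTP; Tue, 2 Sep 2014 10:00:01 +0000\n"
            f"Authentication-Results: {TRUSTED_MX}; spf={spf} smtp.mailfrom={OUR_DOMAIN}\n"
            f"From: Sales <sales@{OUR_DOMAIN}>\nSubject: constructed\n\nbody\n")

if __name__ == "__main__":
    print(classify(sample("198.51.100.77", "fail")))
    print(classify(sample("203.0.113.10", "pass")))
```

A "sent-via-our-server" verdict points back at the site itself (a script or account on it sending mail), while "spoofed-elsewhere" means the host's SMTP logs will show nothing for that message.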

  4. #3
    Junior Member SassyBiz's Avatar
    Join Date
    Sep 2014
    Posts
    5
    Member #
    40154
    Hi!! I am SO sorry I didn't see your reply until just NOW! I was quite new to TAPATALK when I posted back in Sept and didn't have my notifications set up properly. I only found this as I was checking under "participated".

    I'm very grateful for your reply even now since my site didn't end up even really getting started. The dev / designer said she sorted out the hacked site & we started over but before we could get into the design she had another job to do then took a J.O.B. & moved from Canada to the U.S. Am now waiting for her to refund what I had paid up front after waiting for her to get a U.S. bank a/c to get her pay paid into. Drama after drama!

    Anyway I'm now designing it myself as I don't have the money to start with yet another dev- designer.

    I've got my theme installed & am just planning it out using some helpful templates to use as a guide from a lady called Marisa Murgatroyd who's doing very well in her own online business (websites & marketing).



  5. #4
    Junior Member SassyBiz's Avatar
    Join Date
    Sep 2014
    Posts
    5
    Member #
    40154
    Thank you so much for taking the time to explain things to me, it's incredibly kind of you & will be great to keep for future reference.



  6. #5
    Junior Member SassyBiz's Avatar
    Join Date
    Sep 2014
    Posts
    5
    Member #
    40154
    PS! My site is https://www.lynbowker.com and my host is CrazyDomains.com.au (who were taken over by some large ISP about a year ago). They used to use cPanel, then it was changed to Dreamscape.



  7. #6
    Junior Member
    Join Date
    Apr 2015
    Location
    Laval
    Posts
    5
    Member #
    49452
    Update your WordPress version in your admin panel; a lot of security patches have been released over the last few years and the version has less vulnerability to this kind of attack.

    Furthermore, connect to your server by FTP and rename the directory /wp-admin, for example /secure7-admin, and use a strong password that includes capital letters, symbols and more than 8 characters.

  8. #7
    Junior Member digitalpursuit's Avatar
    Join Date
    Jul 2015
    Location
    Florida
    Posts
    2
    Member #
    51347
    Hi friends,

    WordPress security plugins are available, so there is no security problem in WordPress.

  9. #8
    Senior Member bleau canon's Avatar
    Join Date
    Mar 2011
    Location
    Appalachia Blue Ridge Mts.
    Posts
    586
    Member #
    27201
    Liked
    176 times
    Good suggestions, but the average WP user cannot afford a VPS nor do they know how to set one up and manage it. Their other alternatives would be a managed VPS, very expensive, or affordable shared hosting.

    98% of WP sites are on shared hosting. We have several hundred WP, Joomla and Drupal sites on shared hosting plans and have never had a hack. We have most of those on our reseller accounts and a few on one of our vps.

    The key is to always keep a backup of your files regularly and always update WP, your theme and the plugins.

    It takes only a few minutes to do all of that. You need to check into your admin area on a regular basis to see the updates and to make the updates.
    Bleau
    "Give the gift of life, Adopt a child, And an Animal"

  10. #9
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    He also copy/pasted the advice from another site verbatim. That's why he's banned.

  11. #10
    Senior Member bleau canon's Avatar
    Join Date
    Mar 2011
    Location
    Appalachia Blue Ridge Mts.
    Posts
    586
    Member #
    27201
    Liked
    176 times
    Originally posted by TheGAME1264:
    He also copy/pasted the advice from another site verbatim. That's why he's banned.
    Ok, you deleted his post too I see.
    Bleau

