Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help. |
|
Thread Tools |
07-10-2015, 12:38 PM | #1 |
Registered User
Industry Role:
Join Date: Dec 2012
Posts: 29
|
help me stop wordpress hackers?
So my sites are being targeted by hackers. They are using my sites to send out PHP mail spam. My coder is kind of nonchalant about it and I am about to load a back up and need a way to stop this from happening in the future. Can anyone please recommend some security settings or plugins that will prevent this?
__________________
Hot girls nude-- www.glamourgirlshq.com Hot asian-- www.Iloveelapasion.com Hot milf-- www.sunnyadams.com COMING SOON www.thehaleyryder.com TRUE 50/50 rev share on affiliate programs! Let us pay you! Contact: [email protected] |
07-10-2015, 02:21 PM | #2 |
Too lazy to set a custom title
Industry Role:
Join Date: Feb 2005
Posts: 17,165
|
|
07-10-2015, 02:26 PM | #3 |
Confirmed User
Industry Role:
Join Date: Nov 2005
Posts: 2,539
|
Take Denny's advice above.
Also, important to remember, your Wordpress site is only as secure as the host, so make sure your host is on top of keeping everything current. And make absolutely sure your themes and plugins are up to date and secure.
__________________
NSFW |
07-10-2015, 03:12 PM | #4 |
Elysium
Industry Role:
Join Date: Feb 2011
Location: Prague
Posts: 1,037
|
You need to look for injected code in your own php files. It's most likely automated attack which inserts code to index.php files anywhere in hierarchy or create its own (like hello.php, help.php, code.php etc.). Look for your folders with 777. Code is also most likely inserted at the very beginning of file. There can be new php file that 777 some folder which is in use of some importing script that use cron or download data from somewhere. You should also implement Cloudflare and check your logs for failed ssh login attempts. Suspicious IP's need to be blocked on regular basis. I bet they will mostly come from China. If you do not use this traffic I recommend to block it completely. You can also turn off your mail server. But it will most likely result in another different type of attack.
Plugins to consider: Block Bad Queries (BBQ) Brute Force Login Protection Sucuri Security Wordfence Security Also: Change all users "admin" in WP to different one. Change all passwords (wp/ftp/cpanel/ssh). Good luck! |
07-10-2015, 10:47 PM | #5 |
Confirmed User
Industry Role:
Join Date: Nov 2014
Posts: 182
|
Hardening the server security is also important.
Use good server setup, example nginx+php-fpm+mysql or mongo Use nginx as a proxy cache to the front of the web, and keep infra behind proxy. |
07-12-2015, 07:01 AM | #6 |
♥♥♥ Likes Hugs ♥♥♥
Industry Role:
Join Date: Nov 2001
Location: /home
Posts: 15,841
|
https://www.prontoadmin.com
What you're talking about is almost always an outdated version of Wordpress, plugins or a vulnerable theme. Check to see which directory the scripts are being uploaded to. That might give you some idea of the script that's vulnerable. If you're on shared hosting, I see a lot of people set permissions on directories to 777 which will allow other users to write files to those directories.
__________________
I like pie. |
07-12-2015, 09:24 PM | #7 |
Registered User
Join Date: Jun 2004
Location: Asia
Posts: 29
|
It happened to me before.
First thing, update your wordpress version. Check the list of users. If there is any new user with admin rights, delete the user. Update all your plugins and themes also. If you are using any themes or plugins dowloaded from warez sites, it could also be a problem.
__________________
|