Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

 

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help.

 
Thread Tools
Old 07-10-2015, 12:38 PM   #1
jay_gghq
Registered User
 
Industry Role:
Join Date: Dec 2012
Posts: 29
help me stop wordpress hackers?

So my sites are being targeted by hackers. They are using my sites to send out PHP mail spam. My coder is kind of nonchalant about it and I am about to load a back up and need a way to stop this from happening in the future. Can anyone please recommend some security settings or plugins that will prevent this?
__________________
Hot girls nude-- www.glamourgirlshq.com
Hot asian-- www.Iloveelapasion.com
Hot milf-- www.sunnyadams.com
COMING SOON
www.thehaleyryder.com


TRUE 50/50 rev share on affiliate programs! Let us pay you!

Contact: [email protected]
jay_gghq is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-10-2015, 02:21 PM   #2
Denny
Too lazy to set a custom title
 
Denny's Avatar
 
Industry Role:
Join Date: Feb 2005
Posts: 17,166
Hardening WordPress « WordPress Codex

Hardening WordPress Security: 25 Essential Plugins + Tips - Hongkiat

...
__________________
Denny is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-10-2015, 02:26 PM   #3
robwod
Confirmed User
 
Industry Role:
Join Date: Nov 2005
Posts: 2,539
Take Denny's advice above.

Also, important to remember, your Wordpress site is only as secure as the host, so make sure your host is on top of keeping everything current. And make absolutely sure your themes and plugins are up to date and secure.
__________________
NSFW
robwod is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-10-2015, 03:12 PM   #4
RachelBlackG
Elysium
 
RachelBlackG's Avatar
 
Industry Role:
Join Date: Feb 2011
Location: Prague
Posts: 1,037
You need to look for injected code in your own php files. It's most likely automated attack which inserts code to index.php files anywhere in hierarchy or create its own (like hello.php, help.php, code.php etc.). Look for your folders with 777. Code is also most likely inserted at the very beginning of file. There can be new php file that 777 some folder which is in use of some importing script that use cron or download data from somewhere. You should also implement Cloudflare and check your logs for failed ssh login attempts. Suspicious IP's need to be blocked on regular basis. I bet they will mostly come from China. If you do not use this traffic I recommend to block it completely. You can also turn off your mail server. But it will most likely result in another different type of attack.

Plugins to consider:
Block Bad Queries (BBQ)
Brute Force Login Protection
Sucuri Security
Wordfence Security

Also: Change all users "admin" in WP to different one. Change all passwords (wp/ftp/cpanel/ssh).

Good luck!
RachelBlackG is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-10-2015, 10:47 PM   #5
Venum
Confirmed User
 
Venum's Avatar
 
Industry Role:
Join Date: Nov 2014
Posts: 182
Hardening the server security is also important.

Use good server setup, example nginx+php-fpm+mysql or mongo

Use nginx as a proxy cache to the front of the web, and keep infra behind proxy.
Venum is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-12-2015, 07:01 AM   #6
Babaganoosh
♥♥♥ Likes Hugs ♥♥♥
 
Babaganoosh's Avatar
 
Industry Role:
Join Date: Nov 2001
Location: /home
Posts: 15,841
https://www.prontoadmin.com

What you're talking about is almost always an outdated version of Wordpress, plugins or a vulnerable theme. Check to see which directory the scripts are being uploaded to. That might give you some idea of the script that's vulnerable.

If you're on shared hosting, I see a lot of people set permissions on directories to 777 which will allow other users to write files to those directories.
__________________
I like pie.
Babaganoosh is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
Old 07-12-2015, 09:24 PM   #7
CaringNeo
Registered User
 
Join Date: Jun 2004
Location: Asia
Posts: 29
It happened to me before.

First thing, update your wordpress version. Check the list of users. If there is any new user with admin rights, delete the user.

Update all your plugins and themes also.
If you are using any themes or plugins dowloaded from warez sites, it could also be a problem.
__________________
CaringNeo is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook
 
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
future, hackers, happening, sites, stop, wordpress



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.