help me stop wordpress hackers?

  • jay_gghq
    Registered User
    • Dec 2012
    • 29

    #1

    help me stop wordpress hackers?

    So my sites are being targeted by hackers. They are using my sites to send out PHP mail spam. My coder is kind of nonchalant about it and I am about to load a backup and need a way to stop this from happening in the future. Can anyone please recommend some security settings or plugins that will prevent this?
  • Denny
    Too lazy to set a custom title
    • Feb 2005
    • 17390

    #2
    Hardening WordPress « WordPress Codex

    Hardening WordPress Security: 25 Essential Plugins + Tips - Hongkiat

    ...


    • robwod
      Confirmed User
      • Nov 2005
      • 2540

      #3
      Take Denny's advice above.

      Also, important to remember: your WordPress site is only as secure as the host, so make sure your host is on top of keeping everything current. And make absolutely sure your themes and plugins are up to date and secure.

      • RachelBlackG
        Elysium
        • Feb 2011
        • 1037

        #4
        You need to look for injected code in your own PHP files. It's most likely an automated attack which inserts code into index.php files anywhere in the hierarchy or creates its own (like hello.php, help.php, code.php etc.). Look for your folders with 777. Code is also most likely inserted at the very beginning of the file. There can be a new PHP file that 777s some folder which is in use by some importing script that uses cron or downloads data from somewhere. You should also implement Cloudflare and check your logs for failed SSH login attempts. Suspicious IPs need to be blocked on a regular basis. I bet they will mostly come from China. If you do not use this traffic, I recommend blocking it completely. You can also turn off your mail server. But it will most likely result in another, different type of attack.

        Plugins to consider:
        Block Bad Queries (BBQ)
        Brute Force Login Protection
        Sucuri Security
        Wordfence Security

        Also: Change all "admin" users in WP to a different one. Change all passwords (WP/FTP/cPanel/SSH).

        Good luck!

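The file-system checks described in post #4 (folders set to 777, code injected at the very beginning of PHP files, PHP files that appeared after the last good state), as an added example that is not part of any poster's reply. The function names, the pattern list, the baseline timestamp and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import stat

# Assumed heuristic: decoder/eval calls that injected PHP commonly opens with.
SUSPICIOUS_HEAD = re.compile(rb"\b(eval|base64_decode|gzinflate|str_rot13)\s*\(", re.I)

def audit_docroot(root, modified_after, head_bytes=1024):
    """Return sorted (finding, relative_path) pairs; modified_after is a Unix time."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        # Directories writable by every account (the "777" case from the post).
        if stat.S_IMODE(os.stat(dirpath).st_mode) & stat.S_IWOTH:
            findings.append(("world-writable-dir", os.path.relpath(dirpath, root)))
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not name.lower().endswith(".php") or os.path.islink(path):
                continue
            rel = os.path.relpath(path, root)
            # PHP files created or changed since the known-good point (e.g. the backup).
            if os.stat(path).st_mtime > modified_after:
                findings.append(("php-changed-since-baseline", rel))
            # Injected code usually sits at the very start of the file.
            with open(path, "rb") as fh:
                if SUSPICIOUS_HEAD.search(fh.read(head_bytes)):
                    findings.append(("suspicious-file-head", rel))
    return sorted(findings)

def build_sample(root, baseline):
    """Constructed sample tree: one clean file, one tampered index.php, one 777 dir."""
    content = os.path.join(root, "wp-content")
    os.makedirs(os.path.join(content, "cache"))
    os.chmod(content, 0o755)
    os.chmod(os.path.join(content, "cache"), 0o777)
    clean = os.path.join(root, "wp-config.php")
    with open(clean, "w") as fh:
        fh.write("<?php\ndefine('DB_NAME', 'example');\n")
    os.utime(clean, (baseline - 86400, baseline - 86400))  # older than the baseline
    with open(os.path.join(content, "index.php"), "w") as fh:
        fh.write('<?php eval(base64_decode("PLACEHOLDER")); ?>\n<?php // Silence is golden.\n')

if __name__ == "__main__":
    import tempfile, time
    with tempfile.TemporaryDirectory() as tmp:
        baseline = time.time() - 3600
        build_sample(tmp, baseline)
        for finding, rel in audit_docroot(tmp, baseline):
            print(f"{finding:28} {rel}")
```

A hit on `suspicious-file-head` is a lead to review by hand, since some legitimate plugins also call these functions.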

        • Venum
          Confirmed User
          • Nov 2014
          • 182

          #5
          Hardening the server security is also important.

          Use a good server setup, for example nginx+php-fpm+mysql or mongo.

          Use nginx as a proxy cache in front of the web, and keep the infra behind the proxy.


          • Babaganoosh
            ♥♥♥ Likes Hugs ♥♥♥
            • Nov 2001
            • 15841

            #6
            https://www.prontoadmin.com

            What you're talking about is almost always an outdated version of WordPress, plugins or a vulnerable theme. Check to see which directory the scripts are being uploaded to. That might give you some idea of the script that's vulnerable.

            If you're on shared hosting, I see a lot of people set permissions on directories to 777 which will allow other users to write files to those directories.
            I like pie.


            • CaringNeo
              Confirmed User
              • Jun 2004
              • 29

              #7
              It happened to me before.

              First thing, update your WordPress version. Check the list of users. If there is any new user with admin rights, delete the user.

              Update all your plugins and themes also.
              If you are using any themes or plugins downloaded from warez sites, it could also be a problem.
