Wordpress keeps reinfected
-
hello my wordpress theme keeps reinfected
i dont know were the virus is coming from, they upload archives on ftp and redirects all wordpress pages
i installed this pluggin
what is your opinion about this pluggin
my wordpress is all actualized. Any ideas to spot reinfections
-
If you can reload the site via FTP to a state prior to loading the plugin that would be the way to go...assuming the plugin is the problem.
-
i think the plugin is not the problem thats why i am asking information about that plugin.
I have restored the web every two days wich is the time between they can enter my ftp again.
24 up 48 hours the time bettwen virus came back to wordpress and install new archives.
I have change all the passwords, no clue what is happening
-
Might be best to use someone that has specific knowledge of WordPress security to lock your site down. Plugins generally don't catch everything and certainly do not lock you down from further attacks. There are a few steps that you can take to make sure your site won't be infected through simple scripts and brute force. If you need a referral for a security guys let me know.
-
Yes please give me some referrals
-
Hi There,
I previously dealt with 3 WordPress website that have got infected. Installing plugins like sucuri.net or http://vaultpress.com/ could be a solution but once the system is infected those won't necessary fix the problem
Here's what to do:
1. Delete all you plugin and check the theme for malware. If possible reinstall the theme with the original/updated version. See if that fixes the problem
If not:
Backup your database ( or even use a .xml export file)
Backup your pictures (make sure you only keep files with extensions like .jpg, .jpeg, .gif, .swf, .png, .bmp )Delete all your wordpress folder
Reinstall fresh version of wordpress
Reinstall fresh version of theme
Import data.xml or run database import from phpmyadmin
Upload your images.
If the problem persists, make sure your hosting environment is not the cause of the infection. Unfortunately one of my clients had a situation like those and we had to change all his hosting...
BUT: MOST LIKELY ONE OF THE PLUGINS WILL BE THE CAUSE
UNINSTALLING AND DELETING ALL PLUGINS MIGHT JUST FIX THIS ISSUE.
-
Tanks Alexandru, i will do that.
My host is the one who keeps saving me from this attack.
They adviseme to unistall sucuri pluggin. And look for virus on my computer (althouth i have a Mac) i run the only virus program i could find (dont now if you can tell me another for mac
-
My first thoughts: I'd install something like WP Firewall, to help you monitor any changes in files and easily maintain security on the site. It should email you any time something is changed (can be annoying but it might provide a trail for you for how the site is getting changed).
It might not provide everything you need though, as already stated.
Have you been able to identify how the site is being altered? See if you can find some of the code that is being used and then do a web search for it.
I recently found that a few of our sites had been hacked using an exploit through Akismet - yeah Akismet. It was about 30 websites that got hacked - and the only common plugin was Akismet. So if it's happening over a couple of sites (I see you have a couple) look for patterns (same host, same plugins, same ftp details) and try and isolate the issue that way.
-
I have askimet instalet.
They upload files like and introduced code like database.sql.php on htaccess
-
Hmmm maybe some further reading is required. Here's potentially some helpful info for you on hardening WP, and other experiences with .htaccess hacks that might point you in a helpful direction.
http://codex.wordpress.org/Hardening_WordPress
https://www.google.com/search?q=htaccess+hack+wordpress
http://wordpress.org/support/topic/htaccess-hacked-redirects-to-russion-site
http://wordpress.org/support/topic/recurring-htaccess-hijack?replies=30
http://wordpress.org/support/topic/my-sites-htaccess-file-hacked-how
-
0391
-
017397
-
12457
-
02418
-
05308
-
0810.1k
-
07702
-
02643
