
How to prevent your WordPress website from getting hacked like a PRO

Guys, please, I need your help.
The CC at InMotion has no solution to my issue. Instead, they quarantined all my websites, and the result is the attached file. However, I am certain that the backup I have on OneDrive might be affected too.

What should I do to recover the site from (index of /) on all the websites?

I am confused now.
 

Attachment: index.jpeg (35.2 KB)
Before Babiato I used to download themes and plugins from several sites. One in particular, The WordPress Vault or something similar, had malware inside LearnDash plugins and infected my site and other sites. I recreated the whole site from 0. I'm not finding a solution to delete the malware and repair that WordPress installation.

After Babiato I only work with stuff members share here. I love this community; everything works perfectly. I recommend you start fresh with that site. Before that, you can try to identify which plugins have the malware.

The security plugins in my experience work fine to prevent infections, but not for cleaning infected sites. I wish you good luck!
 
I don't agree with the bulk of your submission. "Manually" isn't a bad idea, but when there is a frequency to changing that, then it is recommended to use a security plugin that handles your core security. A VPS can't exactly save a WordPress website from getting hacked. WordPress is the most used CMS in the world, and its sheer use means you'll draw hackers and loopholes.

VPS use won't save you from getting hacked on WordPress.

You are wrong. Try following bad practice on the server and using security plugins; you will see. The target will always be the server.

Most people have issues with that. They think that security plugins are "bulletproof" against any attack vector, which is fake!

Why use a plugin to change your core settings when you can change the key salts easily without needing a plugin? It wastes resources and creates other issues.

Do you think security plugins don't also have vulnerabilities? Of course they do.

If you follow good practice on your server, what can be hacked is only WordPress, not the server. Guess what happens? If you have sensitive information on the server, none of it will be available at all.


This is a good text for those who think security plugins will save them.

Just don't use many plugins and avoid that! Use clean backups and start again without nulled plugins from bad sources...
 
I was trying to add my comment with code, but it was not publishing and was giving errors, so I have attached my code in a text file; please download it for reference. Please add these codes inside your child theme's functions.php, an mu-plugin file, or a site-specific plugin.

First of all, I have prevented unknown-domain registration, which hackers do to create accounts on your sites, by using this code.

Note: see text file

Then I have added Google reCAPTCHA on my registration and login pages, plus on the comments form, to prevent wp-login attacks and comment spam, which hackers do by direct URL injection with tools. So if a human is doing so, he will solve the reCAPTCHA. Use the code below to do so, but do not log out before adding the Google secret key and API key in the WordPress settings menu after you add this code.

Note: see text file

Then I have disabled XML-RPC using the code below.

Note: see text file

Then I have disabled login errors to prevent username guessing.

Note: see text file

Then I have added an .htaccess file inside the wp-content and uploads folders to prevent file changes other than with the required permission.

Note: see text file

And I also added this .htaccess file for directory protection inside the wp-includes folder.

Note: see text file

Then I have changed wp-config.php to 444 permission or 400. I also set the index.php files from the root folder to 444 permission, because when a plugin has any malicious code, they try to add code to these files. They also add code files and folders in wp-content and wp-includes. If you use nulled plugins and themes, then use these tricks to mitigate the hacking attempt.

For DDoS attacks I have the CSF firewall on my servers and mod_security; I use CWP Pro on my server, which provides the latest Comodo rules for mod_security.

Apart from this, I also wish to try the 7G firewall on my site.

I agree with the above comments not to use any plugin for security. I have tried them, and they eat resources. Also, if I need to check any plugin for malicious code, I scan it on VirusTotal, and if the plugin is installed, then I use Wordfence to run a scan and then deactivate and remove the plugin after use.

In my experience all cache plugins are useless, all security plugins are useless, and all SEO plugins are useless. I try to find code for implementing the various purposes myself.

Thanks, Babiato, for this awesome forum. I hope someone will benefit from this comment.
 
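The post above describes its hardening code only as "see text file", and the file never made it into the thread. Below is an added mu-plugin example, written for this thread and not the poster's attached code, that implements three of the items mentioned (registration restricted to an allowlist of e-mail domains, XML-RPC disabled, generic login error) plus the file-editor switch a later reply mentions; the domain list is a constructed placeholder, and the reCAPTCHA, .htaccess and chmod steps are not covered here.

```php
<?php
/**
 * Plugin Name: Thread hardening example (mu-plugin)
 * Added example for this thread, not the poster's attached text file.
 * Save as wp-content/mu-plugins/harden-example.php so it loads before
 * ordinary plugins and cannot be deactivated from the admin panel.
 */

// 1. Registration: accept only e-mail addresses from an allowlist of domains.
//    Placeholder list: replace with the domains you really want to accept.
const HARDEN_ALLOWED_EMAIL_DOMAINS = ['example.com', 'example.org'];

add_filter('registration_errors', function ($errors, $sanitized_user_login, $user_email) {
    $at = strrpos($user_email, '@');
    $domain = ($at === false) ? '' : strtolower(substr($user_email, $at + 1));
    if (!in_array($domain, HARDEN_ALLOWED_EMAIL_DOMAINS, true)) {
        // Generic message on purpose: do not reveal which domains are accepted.
        $errors->add('email_domain', __('Registration is not available for this e-mail address.'));
    }
    return $errors;
}, 10, 3);

// 2. XML-RPC: switch the endpoint off and stop advertising it via X-Pingback.
add_filter('xmlrpc_enabled', '__return_false');
add_filter('wp_headers', function ($headers) {
    unset($headers['X-Pingback']);
    return $headers;
});

// 3. Login errors: one generic message, so a failed login no longer tells an
//    attacker whether the username exists ("invalid username" vs "wrong password").
add_filter('login_errors', function ($error) {
    return __('Invalid login credentials.');
});

// 4. Theme/plugin editor: disable the in-browser file editor, which a stolen
//    admin session would otherwise use to drop PHP into the site.
if (!defined('DISALLOW_FILE_EDIT')) {
    define('DISALLOW_FILE_EDIT', true);
}
```

After installing, confirm the behaviour from a non-admin browser session: a registration with an e-mail outside the allowlist should be refused with the generic message, and a wrong password for a known and an unknown username should produce the identical "Invalid login credentials." text.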
Thank you but where's the file?
 
The file please.

Thank you for your support.
 
I am using Cloudflare. Tell me the best options to protect my WordPress site?
Configure some security options and firewall rules in the Cloudflare dashboard for protection (for example, country restriction, wp-login protection and rate limiting, Bot Fight Mode, Security Level, Browser Integrity Check, etc.).
 
Hey guys, I have installed this on a friend's site and I get this:
[screenshot: 1698527900374.png]

The situation here is that if I want to know where the site is hacked, I must purchase the 99 USD license. Any good plugin to scan my WordPress database, and to scan a specific folder like wp-content?

############## Update ##############
I have removed almost the whole content of wp-content, except the security plugins, and left the default WordPress theme, and now I see this:
[screenshot: 1698528638973.png]
So this confirms to me that the virus is located in the old wp-content, maybe a plugin or a theme.
Sorry about this. I would recommend the premium version of Wordfence. You can get it on the forum. Set it up and then use it to scan and clean your site. You might want to run the scan multiple times after every clean.

After that, you should change your password for:

1. Your website
2. Panel
3. Database

Then use Defender Pro to disable the file editor and XML-RPC. I found out that Yoast Premium surprisingly has these features now. Also, use the plugin to change your WordPress SALT and Security Keys. It is automated with the plugin. As such, you can change the frequency of keys change.
 