
Wordpress site security

  • 02-09-2015 4:44pm
    #1
    Registered Users Posts: 2,189 ✭✭✭


    Hi
    So my WordPress site keeps getting hacked. I haven't a clue how to clean it up; someone else has done it for me previously and they are now not available.

    Any suggestions on how I do this? I'm a newbie to it all.
    How do I prevent this happening? I update my plugins regularly, but obviously not regularly enough (I've read this is how it happens).

    Any suggestions or advice welcome.


Comments

  • Registered Users Posts: 396 ✭✭M.T.D


    Several things can affect the security of your WordPress site.
    1. Avoid common user names (admin, "the domain name", etc.)
    2. Use "good" passwords: at least 10 characters, a random mix of upper and lower case and numbers, would be the minimum
    3. Use a security plug-in, e.g. Wordfence
    4. Make sure any forms you use do not allow "code" uploads.
    5. Some themes, especially "free" ones (not the ones available from WordPress), may have back doors built into them.

    There are lots more.

    As you have already been infected once, it is possible the clean-up was not thorough enough and unwanted files were left on the server, giving the hackers a backdoor into your site.
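    A concrete way to look for the "unwanted files left on the server" problem described above. This is an added example written for this thread, not code from any poster or from WordPress itself: it walks an install, flags any PHP file under wp-content/uploads (a tree that should only ever hold media), and flags PHP files anywhere whose source uses obfuscation idioms typical of dropped backdoors. The signature patterns, file names and the throw-away sample tree it builds are all assumptions for illustration; a match means "inspect this by hand", not "this is malicious".

```python
import os
import re
import tempfile

# Heuristic signatures for obfuscation idioms common in dropped PHP backdoors.
# (Patterns are assumptions for this example, not a complete or vendor ruleset.)
SUSPICIOUS = [
    ("eval of decoded/compressed payload",
     re.compile(rb"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(")),
    ("preg_replace with /e modifier (code execution in old PHP)",
     re.compile(rb"preg_replace\s*\(\s*['\"][^'\"]*/[a-zA-Z]*e[a-zA-Z]*['\"]")),
    ("shell command built from request input",
     re.compile(rb"\b(system|shell_exec|passthru|exec|popen)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)")),
]

PHP_EXTENSIONS = (".php", ".php5", ".phtml", ".phar")


def scan_site(root):
    """Walk a WordPress install and return sorted (relative_path, reason) findings."""
    findings = []
    uploads = os.path.join(root, "wp-content", "uploads") + os.sep
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(PHP_EXTENSIONS):
                continue  # media and text files are not executed by PHP
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            # 1. Any PHP file under uploads is out of place: that tree should hold media only.
            if path.startswith(uploads):
                findings.append((rel, "PHP file inside wp-content/uploads"))
            # 2. Anywhere in the tree, look for backdoor-style obfuscation.
            with open(path, "rb") as fh:
                data = fh.read()
            for reason, pattern in SUSPICIOUS:
                if pattern.search(data):
                    findings.append((rel, reason))
    return sorted(findings)


def build_sample_site():
    """Create a constructed, throw-away WordPress-like tree for demonstration."""
    root = tempfile.mkdtemp(prefix="wp-sample-")
    sample_files = {
        "wp-content/uploads/2015/09/photo.jpg": b"\xff\xd8\xff\xe0 (constructed, not a real image)",
        # a PHP file sitting in uploads, using the eval(base64_decode(...)) idiom on a harmless literal
        "wp-content/uploads/2015/09/wp-cache.php": b"<?php eval(base64_decode('ZWNobyAnaGknOw==')); ?>",
        # a legitimate-looking plugin file with nothing suspicious in it
        "wp-content/plugins/akismet/akismet.php": b"<?php /* Plugin Name: Akismet */ echo 'ok'; ?>",
        # a theme file carrying the deprecated /e modifier on a harmless replacement
        "wp-content/themes/twentyfifteen/inc/cache.php": b"<?php echo preg_replace('/x/e', 'strtoupper(\"x\")', 'x'); ?>",
    }
    for rel, content in sample_files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    site = build_sample_site()
    for rel, reason in scan_site(site):
        print(f"{reason}: {rel}")
```

    Run it against a real install with scan_site("/var/www/html") (path assumed). Comparing the findings against a fresh download of the same WordPress, plugin and theme versions is the reliable way to tell a planted file from a legitimate one, since signature matching alone produces false positives on some minified or legitimately encoded code.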


  • Registered Users Posts: 6,490 ✭✭✭daymobrew


    Some good tips in the Hardening WordPress page.

    I have the following in my wp-content/uploads/.htaccess file:
    # Prevent execution of PHP files in /wp-content/uploads and /wp-includes folders.
    <Files *.php>
    deny from all
    </Files>
    
    I was browsing my server logs and saw that someone was trying to execute php files within the wp-content/uploads directory so this 'deny' did its job.
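    The log check described in the post above, as an added example that is not part of the thread or of WordPress: it parses Apache combined-format access log lines, picks out every request for a PHP file under wp-content/uploads, and reports how many the deny rule blocked (403) versus how many were actually served (200). The log format is assumed to be Apache's stock combined format, and the sample lines are constructed (RFC 5737 documentation addresses, not real traffic).

```python
import re

# Apache "combined" log format, which is what most hosts write (assumption).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

UPLOADS_PREFIX = "/wp-content/uploads/"
PHP_EXTENSIONS = (".php", ".php5", ".phtml")

# Constructed sample lines for demonstration only.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Sep/2015:16:44:01 +0100] "GET /wp-content/uploads/2015/09/photo.jpg HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.23 - - [02/Sep/2015:16:45:10 +0100] "POST /wp-content/uploads/2015/09/wp-cache.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"
198.51.100.23 - - [02/Sep/2015:16:45:12 +0100] "GET /wp-content/uploads/2014/01/up.php?x=1 HTTP/1.1" 403 199 "-" "Mozilla/5.0"
192.0.2.9 - - [02/Sep/2015:16:50:33 +0100] "GET /wp-content/uploads/2013/03/cache.php HTTP/1.1" 200 1532 "-" "curl/7.43.0"
203.0.113.7 - - [02/Sep/2015:16:51:00 +0100] "GET /wp-login.php HTTP/1.1" 200 2341 "-" "Mozilla/5.0"
"""


def php_requests_in_uploads(log_text):
    """Return every request for a PHP file under wp-content/uploads as (ip, path, status)."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        path = m.group("target").split("?", 1)[0]  # drop the query string
        if path.startswith(UPLOADS_PREFIX) and path.lower().endswith(PHP_EXTENSIONS):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


def summarize(log_text):
    """Count how many such requests the deny rule blocked (403) versus served (200)."""
    hits = php_requests_in_uploads(log_text)
    blocked = [h for h in hits if h[2] == 403]
    served = [h for h in hits if h[2] == 200]
    return {
        "attempts": len(hits),
        "blocked": len(blocked),
        "served": len(served),
        # Anything served with 200 means the rule is not in effect for that path.
        "served_paths": sorted({h[1] for h in served}),
    }


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print(f"{report['attempts']} PHP requests under uploads: "
          f"{report['blocked']} blocked, {report['served']} served")
    for path in report["served_paths"]:
        print("  executed despite the rule:", path)
```

    A 403 on these paths is the .htaccess doing its job. A 200 means the rule was not applied to that path, typically because the host has AllowOverride switched off for the directory, or because the site is behind a server such as nginx that does not read .htaccess files at all, in which case the same restriction has to be configured in the server's own config.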


  • Registered Users Posts: 7,739 ✭✭✭mneylon


    If you can identify the source / vector of the hack it'll be easier to fix it properly, i.e. out-of-date plugin, out-of-date theme, insecure password ..

    100% agree on the usernames - the default "admin" user should be removed

    Wordfence works very well at blocking some of the nastier attacks


  • Registered Users Posts: 4,080 ✭✭✭sheesh


    Do you allow comments on your site?

    Have you gone through all your current plugins and seen where each of them comes from?

    How many registered users are on your site?


  • Registered Users Posts: 6,490 ✭✭✭daymobrew


    Blacknight wrote: »
    If you can identify the source / vector of the hack it'll be easier to fix it properly, i.e. out-of-date plugin, out-of-date theme, insecure password ..
    If on shared hosting could the source/vector be via a vulnerability in another site on the same server?


  • Registered Users Posts: 7,739 ✭✭✭mneylon


    daymobrew wrote: »
    If on shared hosting could the source/vector be via a vulnerability in another site on the same server?

    Quite unlikely unless the hosting provider is doing something incredibly stupid.


  • Registered Users Posts: 262 ✭✭Banta


    Another +1 for installing Wordfence, at the very least, along with other suggestions.
    Blacknight wrote: »
    Quite unlikely unless the hosting provider is doing something incredibly stupid.

    Did you really type that and not think of at least 1 example in your head where you went, "well X is pretty stupid, so they'd probably do something like that" :P


  • Registered Users Posts: 7,739 ✭✭✭mneylon


    Banta wrote: »
    Did you really type that and not think of at least 1 example in your head where you went, "well X is pretty stupid, so they'd probably do something like that" :P
    I couldn't possibly comment :)

    Jokes aside ..

    The most common issues we've seen are things like:
    • out-of-date WordPress core
    • out-of-date plugins
    • out-of-date themes
    • weak passwords

    If you aren't using a theme, remove it.
    If you aren't using a plugin, remove it.

    It can't be hacked if it isn't there ..

