Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Wordpress site security

  • 02-09-2015 3:44pm
    #1
    Registered Users, Registered Users 2 Posts: 2,241 ✭✭✭


    Hi
    So my wordpress sight keeps getting hacked. I havnt a clue how to clean it up, someone else has done it for me previously and they are now not available.

    Any suggestions how do I do this? Im a newbie to it all.
    How do I prevent this happening? I update my plugins regularly but obviously not regularly enough (ive read this is how it happens).

    Any suggestions or advice welcome.


Comments

  • Registered Users, Registered Users 2 Posts: 396 ✭✭M.T.D


    Several things can affect the security of your WordPress site.
    1. avoid common user names (admin, "the domain name" etc.)
    2. Use "good" passwords at least 10 characters, a random mix of upper and lower case and numbers would be minimum
    3. Use a security plug in e.g. WordFence
    4. make sure any forms you use do not allow "code" uploads.
    5. Some themes, especially "free" (not the ones available from WordPress) ones may have back doors built in them.

    There are lots more.

    As you have already been infected once it is possible the clean up was not thorough enough and unwanted files were left on the server giving the hackers a backdoor in to your site.


  • Registered Users, Registered Users 2 Posts: 6,571 ✭✭✭daymobrew


    Some good tips in the Hardening WordPress page.

    I have the following in my wp-content/uploads/.htaccess file:
    # Prevent execution of PHP files in /wp-content/uploads and /wp-includes folders.
    <Files *.php>
    deny from all
    </Files>
    
    I was browsing my server logs and saw that someone was trying to execute php files within the wp-content/uploads directory so this 'deny' did its job.


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    If you can identify the source / vector of the hack it'll be easier to fix it properly ie. out of date plugin, out of date them, insecure password ..

    100% agree on the usernames - the default "admin" user should be removed

    Wordfence works very well at blocking some of the nastier attacks


  • Registered Users, Registered Users 2 Posts: 4,081 ✭✭✭sheesh


    do you allow comments on your site?

    Have you gone through all your current plugins and see where each of them come from?

    how many registered users are on your site?


  • Registered Users, Registered Users 2 Posts: 6,571 ✭✭✭daymobrew


    Blacknight wrote: »
    If you can identify the source / vector of the hack it'll be easier to fix it properly ie. out of date plugin, out of date them, insecure password ..
    If on shared hosting could the source/vector be via a vulnerability in another site on the same server?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    daymobrew wrote: »
    If on shared hosting could the source/vector be via a vulnerability in another site on the same server?

    Quite unlikely unless the hosting provider is doing something incredibly stupid.


  • Registered Users, Registered Users 2 Posts: 262 ✭✭Banta


    Another +1 for installing Wordfence, at the very least, along with other suggestions.
    Blacknight wrote: »
    Quite unlikely unless the hosting provider is doing something incredibly stupid.

    Did you really type that and not think of at least 1 example in your head where you went, "well X is pretty stupid, so they'd probably do something like that" :P


  • Registered Users, Registered Users 2 Posts: 7,740 ✭✭✭mneylon


    Banta wrote: »
    Did you really type that and not think of at least 1 example in your head where you went, "well X is pretty stupid, so they'd probably do something like that" :P
    I couldn't possibly comment :)

    Jokes aside ..

    The most common issues we've seen are things like:
    • out of date wordpress core
    • out of date plugins
    • out of date themes
    • weak passwords

    If you aren't using a theme - remove it.
    If you aren't using a plugin - remove it

    It can't be hacked if it isn't there ..


Advertisement