Wordpress keeps reinfected
-
hello my wordpress theme keeps reinfected
i dont know were the virus is coming from, they upload archives on ftp and redirects all wordpress pages
i installed this pluggin
what is your opinion about this pluggin
my wordpress is all actualized. Any ideas to spot reinfections
-
Hmmm maybe some further reading is required. Here's potentially some helpful info for you on hardening WP, and other experiences with .htaccess hacks that might point you in a helpful direction.
http://codex.wordpress.org/Hardening_WordPress
https://www.google.com/search?q=htaccess+hack+wordpress
http://wordpress.org/support/topic/htaccess-hacked-redirects-to-russion-site
http://wordpress.org/support/topic/recurring-htaccess-hijack?replies=30
http://wordpress.org/support/topic/my-sites-htaccess-file-hacked-how
-
I have askimet instalet.
They upload files like and introduced code like database.sql.php on htaccess
-
My first thoughts: I'd install something like WP Firewall, to help you monitor any changes in files and easily maintain security on the site. It should email you any time something is changed (can be annoying but it might provide a trail for you for how the site is getting changed).
It might not provide everything you need though, as already stated.
Have you been able to identify how the site is being altered? See if you can find some of the code that is being used and then do a web search for it.
I recently found that a few of our sites had been hacked using an exploit through Akismet - yeah Akismet. It was about 30 websites that got hacked - and the only common plugin was Akismet. So if it's happening over a couple of sites (I see you have a couple) look for patterns (same host, same plugins, same ftp details) and try and isolate the issue that way.
-
Tanks Alexandru, i will do that.
My host is the one who keeps saving me from this attack.
They adviseme to unistall sucuri pluggin. And look for virus on my computer (althouth i have a Mac) i run the only virus program i could find (dont now if you can tell me another for mac
-
Hi There,
I previously dealt with 3 WordPress website that have got infected. Installing plugins like sucuri.net or http://vaultpress.com/ could be a solution but once the system is infected those won't necessary fix the problem
Here's what to do:
1. Delete all you plugin and check the theme for malware. If possible reinstall the theme with the original/updated version. See if that fixes the problem
If not:
Backup your database ( or even use a .xml export file)
Backup your pictures (make sure you only keep files with extensions like .jpg, .jpeg, .gif, .swf, .png, .bmp )Delete all your wordpress folder
Reinstall fresh version of wordpress
Reinstall fresh version of theme
Import data.xml or run database import from phpmyadmin
Upload your images.
If the problem persists, make sure your hosting environment is not the cause of the infection. Unfortunately one of my clients had a situation like those and we had to change all his hosting...
BUT: MOST LIKELY ONE OF THE PLUGINS WILL BE THE CAUSE
UNINSTALLING AND DELETING ALL PLUGINS MIGHT JUST FIX THIS ISSUE.
-
Yes please give me some referrals
-
Might be best to use someone that has specific knowledge of WordPress security to lock your site down. Plugins generally don't catch everything and certainly do not lock you down from further attacks. There are a few steps that you can take to make sure your site won't be infected through simple scripts and brute force. If you need a referral for a security guys let me know.
-
i think the plugin is not the problem thats why i am asking information about that plugin.
I have restored the web every two days wich is the time between they can enter my ftp again.
24 up 48 hours the time bettwen virus came back to wordpress and install new archives.
I have change all the passwords, no clue what is happening
-
If you can reload the site via FTP to a state prior to loading the plugin that would be the way to go...assuming the plugin is the problem.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
I have a recipe food blog and use wordpress, but my recipes are usually in more than one category...?
The recipes are in most cases in more than one category (usually two) each. Do and (and if so how) need to set each post to one canicol url? E.g A recipe on Peas is in healthy foods (which is the default wordpress cat.) and also Vegetarian Dishes. I use YOAST for wordpress
White Hat / Black Hat SEO | | Kelly33300 -
I have deleted a couple of posts from my blog, im using wordpress but still showing in the search how to delete?
Hey Guys, So I deleted a couple of pages from my blog, and when I search the keyword it is still showing do you guys have any idea how I can completed delete this from the search? Here is the page http://bit.ly/1cRR4qJ
White Hat / Black Hat SEO | | edward-may0 -
What sources do you use to keep on top of SEO news?
I want to try building an RSS feed of SEO news... but not wanting to find myself drowning in materials As such, looking for a short list of recommendations for keeping on top of SEO developments – the impetus is that I'm still discovering changes that happened 2, 3, even 5 years ago, and I want to try and catch these things as they happen. Thinking something actually from Google may be on the list, but some of these sources are pretty on top of things! Seroundtable.com also comes to mind. But what do you use to keep informed? Thanks 🙂
White Hat / Black Hat SEO | | ntcma1 -
Pointless Wordpress Tagging: Keep or unindex?
Simple as that. Pointless random tags that are serving no purpose other than adding apparent bulk to a website. They are just showing duplicate content and literally are random keywords that serve almost no purpose. And the tags, for the most part are only used on one page. If I remove them however, they will probably drop our site from around 650 pages to 450 (assuming I keep any tags that were used more than once). I have read through some of the other posts on here and I know that Google will do some work as far as duplicate content is concerned. Now as far as UX is concerned, all these tags are worthless. Thoughts?
White Hat / Black Hat SEO | | HashtagHustler0 -
Page keeps dropping
Hello All, I have a page (http://www.caravanguard.co.uk/touring-caravan-insurance/) we have seen it drop a bit over recent months and now we have been appearing low on page two (Google UK) for the term "Caravan Insurance". Now I do not expect to rank above some of the big players in our market and the aggregators, but we do feel we have good content and have tried to act as white as we can in terms of SEO, link building and alike, but we are still slipping. My main issue is this - one minute we have the link appearing in the serps and then the next it drops from the serps altogether. At this point i often resubmit for indexing in webmaster tools and a few minutes later its back.... is this just likley something I am seeing local to me due search becoming more personal (I have toggle hide private results too) or is there a cause to its sudden disappearance and reappearance? Any insight would be greatly appreciated.
White Hat / Black Hat SEO | | TimHolmes0 -
WordPress Plugin Backlink?
When developing a WordPress plugin, is it OK to include a dofollow backlink with the name of the source site as the anchor text? Or would Google consider this spammy?
White Hat / Black Hat SEO | | JABacchetta0 -
How long we can keep 302 redirection for a webpage url?
Hi Friends, I have a webpage featuring a product. I have created a new domain featuring the same product and the page is under construction. I am planning to do 302 redirection from the new domain to the existing domain for the time being. How long can I keep the 302 redirection from the new domain to existing domain? Is there any fixed time period/ duration that we can keep the 302 redirection for a webpage? I am planning to make few more pages (privacy policy, about us, etc) from the new domain 302 redirected to the existing domain. Is it possible? If so, how long can I keep the same? May I know which redirect is safe to use in this case, 302 or 301 redirect?
White Hat / Black Hat SEO | | zco_seo0 -
WordPress Plugin Backlinks?
I'm considering having a WordPress plugin developed that would provide content from my site for others to display in their sidebar. It would definitely provide value for users and I know people would use it on their sites, but my question is . . . If I were to add my link below the widget (e.g. "Content provided by Company ABC"), would this be good or bad for SEO? The anchor text wouldn't be anything special, just an exact match of my brand name (my domain name). I seem to remember Matt Cutts answering something similar a few years ago and I thought he said it was fine as long as the anchor text was the brand name. But maybe things have changed since then. Keep in mind that this plugin could potentially be used by tens of thousands of sites, so the backlink profile could be huge. Thoughts? Would this cause my site to get penalized?
White Hat / Black Hat SEO | | JABacchetta0