Web virus attack every second
-
Hello my wordpress has been constantly attacked every day, files were uploaded and redirections were made to others websites.
I instaled sucruri pluggin paying the annual fee, and no result. They keep acessing the web. And i uploading backup security.
Know i have instaled OSE wp firewall and seems that they are getting more dificulty accessing and uploading files. But still sending like 40 attacks every day.
Is ther any way to stop this?
were is some information of the blocked attacks
LOGTIME: 2013-02-22 10:58:01
FROM IP: http://whois.domaintools.com/27.153.210.183
REFERRER: http://www.propdental.com/index.php?option=com_registration&task=register
LOGTIME: 2013-02-22 10:52:09
FROM IP: http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
FROM IP 40 attacks this ip every two seconds:
http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
ACTION: Blocked
LOGTIME: 2013-02-22 10:49:10
FROM IP: http://whois.domaintools.com/103.31.186.82
URI: http://www.propdental.com/
METHOD: GET
LOGTIME: 2013-02-22 10:37:10
FROM IP: http://whois.domaintools.com/120.43.11.251
URI: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
REFERRER: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
ACTION: Blocked
LOGTIME: 2013-02-22 10:28:52
FROM IP: http://whois.domaintools.com/36.251.43.51
URI: http://www.propdental.com/
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
REFERRER: http://www.buyclassybags.com/
-
You may have missed my point. Sucuri didn't fix my problem either, but when I hired Michael (see link in my response above) he had the expertise to fix it. I agree with EGOL that in some cases you need to hire a pro.
(I have no allegiance or connection to Michael other than the fact that he saved me so much headache after weeks of struggling with malware that other people couldn't fix.)
-
I did also hired sucuri, but it was not worthing, becuase with the instaled pluggin they keep geting control of my web
now they can not get in my web just because they are being blocked by OSE wp firewall
-
I can recommend someone very good. My website was affected by malware. I first contacted my host and they did a few things that we thought fixed the problem but it came back. Then I hired sucuri. I believe that for many virus problems sucuri is good, but they couldn't get this one. It came back every single day and got harder and harder to detect.
A friend recommended Michael VanDeMar. (You can contact him here.) It took him a little while but he uncovered the problem. It was a sneaky malware that would only appear on computers using internet explorer, and not all the time. Plus, it would hide itself when someone from the host's IP was trying to find it. Michael fixed it for me. His rates were really fair. It cost me just a little bit more than sucuri.
-
If you do a full reinstall it might work.
The problem could be in the pluggins as they are installed - or they could have vulnerability that is exploited after install. If you were running an old version of wordpress, it could have holes.
The problem could be on your computer and it gets into your wordpress when you upload files, the server could have openings that are being exploited.
There are so many ways for these things to happen.
-
You think that if i install wordpress again and all pluggins again this will stop?
in the last hour another 250 attacks to different urls
Any recommendation of someone who can handle this for me?
thanks
-
I would hire a pro.
These types of problems can be very difficult to solve and can come from a variety of sources.
I would contact them and ask how much to clean a wordpress install. I bet the price is lower than you think.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Inbound links with malicious anchor text. Negative seo attack
Hi, What to do with more than 300 links with a malicious anchor text that has nothing to do with my content. I am disavowing those links for the last 5 years. Some of them are directed to URLs that have been changed more than 8 years ago. How can I block this malicious behavior? Thanks in advance
White Hat / Black Hat SEO | | Arlinaite470 -
Good vs Bad Web directories
Hi this blog post Rand mentions a list of bad web directories - I asked couple of years ago if there is an updated list as some of these (Alive Directory for example) do not seem to be blacklisted anymore and are coming up in Google searches etc? It seems due to old age of the blog post (7 years ago ) the comments are not responded to. Would anyone be able to advise if which of these good directories to use? https://moz.com/blog/what-makes-a-good-web-directory-and-why-google-penalized-dozens-of-bad-ones
White Hat / Black Hat SEO | | IsaCleanse0 -
How to make second site in same niche and do white hat SEO
Hello, As much as we would like, there's a possibility that our site will never recover from it's Google penalties. Our team has decided to launch a new site in the same niche. What do we need to do so that Google will not mind us having 2 sites in the same niche? (Menu differences, coding differences, content differences, etc.) We won't have duplicate content, but it's hard to make the sites not similar. Thanks
White Hat / Black Hat SEO | | BobGW0 -
Backlink an article thats already on the web
Hey Mozers, Just wondering I noticed a few sites show "this article first appeared on domain.com" if there has been an article published on another site and is now publsihed on ours, how do we create a backlink to say it had first appeared on "domain.com" Any advice would be much appreciated Thanks
White Hat / Black Hat SEO | | edward-may1 -
Can I get updated opinions on PR Web?
I saw Moz has discussed PR web in earlier posts, but they are mostly months to years old. I'm wondering if PR Web is a good service? A lot of my competitors use it, but it seems just like a paid link to me. If for whatever reason, PR Web is an approved loophole, does anyone have any suggestions on which plan to purchase? Thanks, Ruben
White Hat / Black Hat SEO | | KempRugeLawGroup0 -
Black Hat Attack! Seeking Help
Hello, For the first time, I think my site has been the victim of a black hat (spam) attack 😞 I have a blog in a competitive niche and my rankings suddenly dropped (from top 3 to top 20). A quick peek at my latest backlinks using Open Site Explorer "Just Discovered" revealed some nasty looking comment spam links with my target keywords posted recently. Of course, I haven't hired anyone to post such links and I haven't done it myself. So my only guess is that a competitor has been generous enough to invest on spamming my site. Questions: 1. How can I confirm if this is in fact a spam attack? 2. Should I worry about this? 3. If so, what is the best way to go about this? Would appreciate any thoughts on this. Thanks in advance! Howard
White Hat / Black Hat SEO | | howardd1 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0