Web virus attack every second
-
Hello my wordpress has been constantly attacked every day, files were uploaded and redirections were made to others websites.
I instaled sucruri pluggin paying the annual fee, and no result. They keep acessing the web. And i uploading backup security.
Know i have instaled OSE wp firewall and seems that they are getting more dificulty accessing and uploading files. But still sending like 40 attacks every day.
Is ther any way to stop this?
were is some information of the blocked attacks
LOGTIME: 2013-02-22 10:58:01
FROM IP: http://whois.domaintools.com/27.153.210.183
REFERRER: http://www.propdental.com/index.php?option=com_registration&task=register
LOGTIME: 2013-02-22 10:52:09
FROM IP: http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
FROM IP 40 attacks this ip every two seconds:
http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
ACTION: Blocked
LOGTIME: 2013-02-22 10:49:10
FROM IP: http://whois.domaintools.com/103.31.186.82
URI: http://www.propdental.com/
METHOD: GET
LOGTIME: 2013-02-22 10:37:10
FROM IP: http://whois.domaintools.com/120.43.11.251
URI: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
REFERRER: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
ACTION: Blocked
LOGTIME: 2013-02-22 10:28:52
FROM IP: http://whois.domaintools.com/36.251.43.51
URI: http://www.propdental.com/
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
REFERRER: http://www.buyclassybags.com/
-
You may have missed my point. Sucuri didn't fix my problem either, but when I hired Michael (see link in my response above) he had the expertise to fix it. I agree with EGOL that in some cases you need to hire a pro.
(I have no allegiance or connection to Michael other than the fact that he saved me so much headache after weeks of struggling with malware that other people couldn't fix.)
-
I did also hired sucuri, but it was not worthing, becuase with the instaled pluggin they keep geting control of my web
now they can not get in my web just because they are being blocked by OSE wp firewall
-
I can recommend someone very good. My website was affected by malware. I first contacted my host and they did a few things that we thought fixed the problem but it came back. Then I hired sucuri. I believe that for many virus problems sucuri is good, but they couldn't get this one. It came back every single day and got harder and harder to detect.
A friend recommended Michael VanDeMar. (You can contact him here.) It took him a little while but he uncovered the problem. It was a sneaky malware that would only appear on computers using internet explorer, and not all the time. Plus, it would hide itself when someone from the host's IP was trying to find it. Michael fixed it for me. His rates were really fair. It cost me just a little bit more than sucuri.
-
If you do a full reinstall it might work.
The problem could be in the pluggins as they are installed - or they could have vulnerability that is exploited after install. If you were running an old version of wordpress, it could have holes.
The problem could be on your computer and it gets into your wordpress when you upload files, the server could have openings that are being exploited.
There are so many ways for these things to happen.
-
You think that if i install wordpress again and all pluggins again this will stop?
in the last hour another 250 attacks to different urls
Any recommendation of someone who can handle this for me?
thanks
-
I would hire a pro.
These types of problems can be very difficult to solve and can come from a variety of sources.
I would contact them and ask how much to clean a wordpress install. I bet the price is lower than you think.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
It's possible a bounce-rate attack manipulate SEO?
My site has been visited by unusual users with one second session times. This leaves my analytics data confused.
White Hat / Black Hat SEO | | CompraBit0 -
Backlink an article thats already on the web
Hey Mozers, Just wondering I noticed a few sites show "this article first appeared on domain.com" if there has been an article published on another site and is now publsihed on ours, how do we create a backlink to say it had first appeared on "domain.com" Any advice would be much appreciated Thanks
White Hat / Black Hat SEO | | edward-may1 -
Black Seo --> Attack
Hello there, Happy new year for everyone, and good luck this year. I have a real problem here, I saw in MOZ link history that somehow the "Total Linking Root Domains" is growing from a medium of 30 - 40 to 240 - 340 links and keep it growing. I guess somebody make me good joke, cause i did not buy any link :)) even cn, brasil, jp links, my store is from Romania. How I can block these links I think google will make me bad instead. What should i do? Thank you so much. With respect,
White Hat / Black Hat SEO | | Shanaki
Andrei 0tYg1wB.png0 -
Spamlink attack wat to do
Since today we had a spamlink attack. Just 150 dirty links in one morning and probably more to follow. Last year we also had an attack and we used the disalow. But this domain had a much stronger histrory and a PR of 6. The new domain has an authority (DA36) and PR1. The domain is very valuable and we rank on page on one of the most competitive words. Should I use the disalow tool, or just hope that the spam links don't hurt my ranking. I have some (150) valuable incoming links. Example of bad link: http://lamevabarcelona.com/una-exposicio-ens-guia-per-barcelona/dscn0756/ I think X Rumer/ pingback is used. I hope somebody can help us with this.
White Hat / Black Hat SEO | | remkoallertz0 -
Black Hat Attack! Seeking Help
Hello, For the first time, I think my site has been the victim of a black hat (spam) attack 😞 I have a blog in a competitive niche and my rankings suddenly dropped (from top 3 to top 20). A quick peek at my latest backlinks using Open Site Explorer "Just Discovered" revealed some nasty looking comment spam links with my target keywords posted recently. Of course, I haven't hired anyone to post such links and I haven't done it myself. So my only guess is that a competitor has been generous enough to invest on spamming my site. Questions: 1. How can I confirm if this is in fact a spam attack? 2. Should I worry about this? 3. If so, what is the best way to go about this? Would appreciate any thoughts on this. Thanks in advance! Howard
White Hat / Black Hat SEO | | howardd1 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0 -
Virus on wordpress second time PLEASE HELP
hello Mattew i have a big problem on the web is the second time that a virus attacked the wordpress of my web. That is why i am being very busy trying to solve it fisrt time i upload a backup before the attack, but now if infected again All de webs that are positioned on google for ejemple if you look for anithing on google "estetica of propdental.com" it redirects to page http://medicaresue.com can you help me please is the second time and i am losing lots of traffic and positions on google thanks
White Hat / Black Hat SEO | | maestrosonrisas0 -
I think a virus as enter my wordpress
I think a virus as enter my wordpress and is changing my titles and redirecting urls. Help please. How can i find the virus and werre was is gate to enter my web thank you
White Hat / Black Hat SEO | | maestrosonrisas0