Wordpress keeps reinfected
-
hello my wordpress theme keeps reinfected
i dont know were the virus is coming from, they upload archives on ftp and redirects all wordpress pages
i installed this pluggin
what is your opinion about this pluggin
my wordpress is all actualized. Any ideas to spot reinfections
-
Hmmm maybe some further reading is required. Here's potentially some helpful info for you on hardening WP, and other experiences with .htaccess hacks that might point you in a helpful direction.
http://codex.wordpress.org/Hardening_WordPress
https://www.google.com/search?q=htaccess+hack+wordpress
http://wordpress.org/support/topic/htaccess-hacked-redirects-to-russion-site
http://wordpress.org/support/topic/recurring-htaccess-hijack?replies=30
http://wordpress.org/support/topic/my-sites-htaccess-file-hacked-how
-
I have askimet instalet.
They upload files like and introduced code like database.sql.php on htaccess
-
My first thoughts: I'd install something like WP Firewall, to help you monitor any changes in files and easily maintain security on the site. It should email you any time something is changed (can be annoying but it might provide a trail for you for how the site is getting changed).
It might not provide everything you need though, as already stated.
Have you been able to identify how the site is being altered? See if you can find some of the code that is being used and then do a web search for it.
I recently found that a few of our sites had been hacked using an exploit through Akismet - yeah Akismet. It was about 30 websites that got hacked - and the only common plugin was Akismet. So if it's happening over a couple of sites (I see you have a couple) look for patterns (same host, same plugins, same ftp details) and try and isolate the issue that way.
-
Tanks Alexandru, i will do that.
My host is the one who keeps saving me from this attack.
They adviseme to unistall sucuri pluggin. And look for virus on my computer (althouth i have a Mac) i run the only virus program i could find (dont now if you can tell me another for mac
-
Hi There,
I previously dealt with 3 WordPress website that have got infected. Installing plugins like sucuri.net or http://vaultpress.com/ could be a solution but once the system is infected those won't necessary fix the problem
Here's what to do:
1. Delete all you plugin and check the theme for malware. If possible reinstall the theme with the original/updated version. See if that fixes the problem
If not:
Backup your database ( or even use a .xml export file)
Backup your pictures (make sure you only keep files with extensions like .jpg, .jpeg, .gif, .swf, .png, .bmp )Delete all your wordpress folder
Reinstall fresh version of wordpress
Reinstall fresh version of theme
Import data.xml or run database import from phpmyadmin
Upload your images.
If the problem persists, make sure your hosting environment is not the cause of the infection. Unfortunately one of my clients had a situation like those and we had to change all his hosting...
BUT: MOST LIKELY ONE OF THE PLUGINS WILL BE THE CAUSE
UNINSTALLING AND DELETING ALL PLUGINS MIGHT JUST FIX THIS ISSUE.
-
Yes please give me some referrals
-
Might be best to use someone that has specific knowledge of WordPress security to lock your site down. Plugins generally don't catch everything and certainly do not lock you down from further attacks. There are a few steps that you can take to make sure your site won't be infected through simple scripts and brute force. If you need a referral for a security guys let me know.
-
i think the plugin is not the problem thats why i am asking information about that plugin.
I have restored the web every two days wich is the time between they can enter my ftp again.
24 up 48 hours the time bettwen virus came back to wordpress and install new archives.
I have change all the passwords, no clue what is happening
-
If you can reload the site via FTP to a state prior to loading the plugin that would be the way to go...assuming the plugin is the problem.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
WordPress Tags and SEO
Good Morning everyone, I am trying to decide how I am going to handle an issue on two WordPress websites. I recently acquired 2 new clients that used to do business with the same SEO company. Neither of the clients know of the other but both had the same story about said SEO company. The usual complaints, I wont get into details. My issue is the old SEO company basically was spamming keywords and utilized tags to do this. For each of these clients they had very thin spammy blog posts written and then had a multitude of spammy tags used as keywords here is an example https://captainjacksboatingschool.com/middlesex-county-boating-safety-class/ Each one of these tags is creating duplicate content. How do i properly handle these tags? Do i delete? Do i need to redirect into one main page after deletion. I much rather use plain English and authoritative based Categories. In fact I never use tags, only categories. They do not seem to have much seo value. Both clients who were with this company have the same Tag setup... Any advice would be greatly appreciated as I do not want to loose the customers current rank because i want to do things my way Thanks, Don Silvernail
White Hat / Black Hat SEO | | donsilvernail0 -
Advice needed! How to clear a website of a Wordpress Spam Link Injection Google penalty?
Hi Guys, I am currently working on website that has been penalised by Google for a spam link injection. The website was hacked and 17,000 hidden links were injected. All the links have been removed and the site has subsequently been redesigned and re-built. That was the easy part 🙂 The problems comes when I look on Webmaster. Google is showing 1000's of internal spam links to the homepage and other pages within the site. These pages do not actually exist as they were cleared along with all the other spam links. I do believe though this is causing problems with the websites rankings. Certain pages are not ranking on Google and the homepage keyword rankings are fluctuating massively. I have reviewed the website's external links and these are all fine. Does anyone have any experience of this and can provide any recommendations / advice for clearing the site from Google penalty? Thanks, Duncan
White Hat / Black Hat SEO | | CayenneRed890 -
Wordpress Category Archives - Index - but will this cause duplication?
Okay something I am struggling with Using YOAST - but have a recipe blog - However the category archives have /are being optimized and indexed as I am adding custom content to them , then listing the recipes below. My question is if I am indexing the Category Archives and using these to add custom content above - then allows the recipe excerpts from the category to be listed underneath - will these recipe excerpts be picked up as duplicate content?
White Hat / Black Hat SEO | | Kelly33300 -
I have deleted a couple of posts from my blog, im using wordpress but still showing in the search how to delete?
Hey Guys, So I deleted a couple of pages from my blog, and when I search the keyword it is still showing do you guys have any idea how I can completed delete this from the search? Here is the page http://bit.ly/1cRR4qJ
White Hat / Black Hat SEO | | edward-may0 -
New Domain Name or Keep going - Help not Recovering after Penguin
Hi Moz Friends I wonder if you can help me , a while ago we had a Penguin Penalty and lost our Rankings. After Months of work Disavow and Reconsiderations , Google sent me a message in Webmaster Tools to confirm the Penalty had been uplifted. Since then we havent recovered. I have been working with Bloggers to build relevant safe links, each having a DA of between 10-30. We have developed a Mobile Friendly Website and ios and Android Apps. We have improved Site Speed and moved to a Server within the same Country. We add lots of content and believe we have ticked all the boxes for onpage optimisation. However our DA and PA seems to have dropped slightly after Moz update today. We seem to be jumping in the serps, one day page 4 for "fancy dress" the next day nowhere to be found. I'm not sure what to do next. I'm not expecting to jump back to page 1 for the main keywords but some positive movement would be nice, especially as there are Lower DA Website, not mobile friendly or as fast above us in the serps. What I am looking for I guess is any ideas from you and also what you think about this idea A few people have mentioned that we might stand more of a chance using our domain name example.com instead of example.co.uk. example.com has never been used and is totaly clean (no penaltys ect..) Do we use example.com and move the website and content away from example.co.uk ? if so do we use redirects or would that just pass any hold thats on example.co.uk to the .com version Ideas Welcome Thanks Adam
White Hat / Black Hat SEO | | AMG1000 -
By changing the wordpress theme what need to take for seo consideration?
Hi guys! we have a site that been using a theme for a year now and we decided to change to a new one, the question here is, does it affect seo? or it is possible to remain 100% for the seo? What caution tips that you guys can share for changing the theme? Does just remaining the same URL works?
White Hat / Black Hat SEO | | andrewwatson922 -
Pointless Wordpress Tagging: Keep or unindex?
Simple as that. Pointless random tags that are serving no purpose other than adding apparent bulk to a website. They are just showing duplicate content and literally are random keywords that serve almost no purpose. And the tags, for the most part are only used on one page. If I remove them however, they will probably drop our site from around 650 pages to 450 (assuming I keep any tags that were used more than once). I have read through some of the other posts on here and I know that Google will do some work as far as duplicate content is concerned. Now as far as UX is concerned, all these tags are worthless. Thoughts?
White Hat / Black Hat SEO | | HashtagHustler0 -
Is it worth getting links from .blogspot.com and .wordpress.com?
Our niche ecommerce site has only one thing going for it: We have numerous opportunities on a weekly basis to get reviews from "mom bloggers". We need links - our domain authority is depressing. My concern is that these "mom bloggers" tend to have blogs that end with .blogspot.com or .wordpress.com. How do I screen for "reviewers" that are worth getting links from and how can I make the most of the community we have available to us?
White Hat / Black Hat SEO | | Wilkerson1