Web virus attack every second
-
Hello my wordpress has been constantly attacked every day, files were uploaded and redirections were made to others websites.
I instaled sucruri pluggin paying the annual fee, and no result. They keep acessing the web. And i uploading backup security.
Know i have instaled OSE wp firewall and seems that they are getting more dificulty accessing and uploading files. But still sending like 40 attacks every day.
Is ther any way to stop this?
were is some information of the blocked attacks
LOGTIME: 2013-02-22 10:58:01
FROM IP: http://whois.domaintools.com/27.153.210.183
REFERRER: http://www.propdental.com/index.php?option=com_registration&task=register
LOGTIME: 2013-02-22 10:52:09
FROM IP: http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
FROM IP 40 attacks this ip every two seconds:
http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
ACTION: Blocked
LOGTIME: 2013-02-22 10:49:10
FROM IP: http://whois.domaintools.com/103.31.186.82
URI: http://www.propdental.com/
METHOD: GET
LOGTIME: 2013-02-22 10:37:10
FROM IP: http://whois.domaintools.com/120.43.11.251
URI: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
REFERRER: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
ACTION: Blocked
LOGTIME: 2013-02-22 10:28:52
FROM IP: http://whois.domaintools.com/36.251.43.51
URI: http://www.propdental.com/
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
REFERRER: http://www.buyclassybags.com/
-
You may have missed my point. Sucuri didn't fix my problem either, but when I hired Michael (see link in my response above) he had the expertise to fix it. I agree with EGOL that in some cases you need to hire a pro.
(I have no allegiance or connection to Michael other than the fact that he saved me so much headache after weeks of struggling with malware that other people couldn't fix.)
-
I did also hired sucuri, but it was not worthing, becuase with the instaled pluggin they keep geting control of my web
now they can not get in my web just because they are being blocked by OSE wp firewall
-
I can recommend someone very good. My website was affected by malware. I first contacted my host and they did a few things that we thought fixed the problem but it came back. Then I hired sucuri. I believe that for many virus problems sucuri is good, but they couldn't get this one. It came back every single day and got harder and harder to detect.
A friend recommended Michael VanDeMar. (You can contact him here.) It took him a little while but he uncovered the problem. It was a sneaky malware that would only appear on computers using internet explorer, and not all the time. Plus, it would hide itself when someone from the host's IP was trying to find it. Michael fixed it for me. His rates were really fair. It cost me just a little bit more than sucuri.
-
If you do a full reinstall it might work.
The problem could be in the pluggins as they are installed - or they could have vulnerability that is exploited after install. If you were running an old version of wordpress, it could have holes.
The problem could be on your computer and it gets into your wordpress when you upload files, the server could have openings that are being exploited.
There are so many ways for these things to happen.
-
You think that if i install wordpress again and all pluggins again this will stop?
in the last hour another 250 attacks to different urls
Any recommendation of someone who can handle this for me?
thanks
-
I would hire a pro.
These types of problems can be very difficult to solve and can come from a variety of sources.
I would contact them and ask how much to clean a wordpress install. I bet the price is lower than you think.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Where can I find either web directories or decent sites that will link back to me...without paying thru the nose?
Hi Community! For starters, from my question, you can probably determine that I am either a novice, or very low intermediate SEO person. We all know, links are king with our friends at Google. I am a recently-retired IT person with a very small freelance IT company (just me), and I'd like to generate more leads/business. I'd be thrilled with one or two small jobs per week to supplement my pension. I've used the MOZ tools only to determine the majority of my competitors have like a thousand links, whereas Google reports me as having 97 links. My on-page grades are all upper 90s and a couple are at 100%. I am not targeting really competitive keywords, so that's not my problem. My problem is my DA, which is sitting at a mere 20...pause to laugh! I don't want to pay thru the nose for high DA links for the obvious reasons. I submitted my URLs to as many directories as I could find. Would anyone have a decent list of sites where I could submit my URL to get some more links? Thanks guys and Gals! Willy
White Hat / Black Hat SEO | | NewSEOguy0 -
How to make second site in same niche and do white hat SEO
Hello, As much as we would like, there's a possibility that our site will never recover from it's Google penalties. Our team has decided to launch a new site in the same niche. What do we need to do so that Google will not mind us having 2 sites in the same niche? (Menu differences, coding differences, content differences, etc.) We won't have duplicate content, but it's hard to make the sites not similar. Thanks
White Hat / Black Hat SEO | | BobGW0 -
Backlink an article thats already on the web
Hey Mozers, Just wondering I noticed a few sites show "this article first appeared on domain.com" if there has been an article published on another site and is now publsihed on ours, how do we create a backlink to say it had first appeared on "domain.com" Any advice would be much appreciated Thanks
White Hat / Black Hat SEO | | edward-may1 -
Are CDN's good or bad for SEO? - Edmonton Web
Hello Moz folks, We just launched a new website: www.edmontonweb.ca It is now ranking on page 2 in our city. The website is built on Wordpress and we have made every effort to make it load faster. We have enabled the right caching and we have reduced the file size. Still, some of our local competitors have lower load times and more importantly lower ttfb's. Is a CDN the right answer? I've read articles demonstrating that Clowd Flare decreased a websites rankings. Is there a better CDN to use, or a propper way to implement Clowd Flare? Thank you very much for your help! Anton,
White Hat / Black Hat SEO | | Web3Marketing87
LAUNCH Edmonton0 -
Negative SEO attack working amazingly on Google.ca
We have a client www.atvandtrailersales.com who recently (March) fell out of the rankings. We checked their backlink file and found over 100 spam links pointing at their website with terms like "uggboots" and "headwear" etc. etc. I submitted a disavow link file, as this was obviously an attack on the website. Since the recent Panda update, the client is back out of the rankings for a majority of keyword phrases. The disavow link file that was submitted back in march has 90% of the same links that are still spamming the website now. I've sent a spam report to Google and nothing has happened. I could submit a new disavow link file, but I'm not sure if this is worth the time. '.'< --Thanks!
White Hat / Black Hat SEO | | SmartWebPros1 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0 -
HELP! My client got a DDOS Attack! Need advice
Here the setup: Server is hosted inhouse. It got attacked using a DDOS from 20+ IP addresses spoofing in different counries. Our server overloaded and didn't work anymore. URL is registered at GoDaddy. Signed up at Dreamhost. We pointed DNS to Dreamhost successfully. Attacks kept coming and messed up other sites on the Dreamhost shared server. We didn't know we were being followed at first. We originally thought they were attacking the IP address on our inhouse server. Dreamhost noticed the attack and put us on a seperate IP and disabled our URL until the attacks 'stopped'. MY QUESTION IS: What do I do if they don't stop? Close shop? 99% of the business is internet driven. This has to be the blackest Blackhat SEO ever.
White Hat / Black Hat SEO | | Francisco_Meza0
