Web virus attack every second
-
Hello my wordpress has been constantly attacked every day, files were uploaded and redirections were made to others websites.
I instaled sucruri pluggin paying the annual fee, and no result. They keep acessing the web. And i uploading backup security.
Know i have instaled OSE wp firewall and seems that they are getting more dificulty accessing and uploading files. But still sending like 40 attacks every day.
Is ther any way to stop this?
were is some information of the blocked attacks
LOGTIME: 2013-02-22 10:58:01
FROM IP: http://whois.domaintools.com/27.153.210.183
REFERRER: http://www.propdental.com/index.php?option=com_registration&task=register
LOGTIME: 2013-02-22 10:52:09
FROM IP: http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
FROM IP 40 attacks this ip every two seconds:
http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
ACTION: Blocked
LOGTIME: 2013-02-22 10:49:10
FROM IP: http://whois.domaintools.com/103.31.186.82
URI: http://www.propdental.com/
METHOD: GET
LOGTIME: 2013-02-22 10:37:10
FROM IP: http://whois.domaintools.com/120.43.11.251
URI: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
REFERRER: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
ACTION: Blocked
LOGTIME: 2013-02-22 10:28:52
FROM IP: http://whois.domaintools.com/36.251.43.51
URI: http://www.propdental.com/
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
REFERRER: http://www.buyclassybags.com/
-
You may have missed my point. Sucuri didn't fix my problem either, but when I hired Michael (see link in my response above) he had the expertise to fix it. I agree with EGOL that in some cases you need to hire a pro.
(I have no allegiance or connection to Michael other than the fact that he saved me so much headache after weeks of struggling with malware that other people couldn't fix.)
-
I did also hired sucuri, but it was not worthing, becuase with the instaled pluggin they keep geting control of my web
now they can not get in my web just because they are being blocked by OSE wp firewall
-
I can recommend someone very good. My website was affected by malware. I first contacted my host and they did a few things that we thought fixed the problem but it came back. Then I hired sucuri. I believe that for many virus problems sucuri is good, but they couldn't get this one. It came back every single day and got harder and harder to detect.
A friend recommended Michael VanDeMar. (You can contact him here.) It took him a little while but he uncovered the problem. It was a sneaky malware that would only appear on computers using internet explorer, and not all the time. Plus, it would hide itself when someone from the host's IP was trying to find it. Michael fixed it for me. His rates were really fair. It cost me just a little bit more than sucuri.
-
If you do a full reinstall it might work.
The problem could be in the pluggins as they are installed - or they could have vulnerability that is exploited after install. If you were running an old version of wordpress, it could have holes.
The problem could be on your computer and it gets into your wordpress when you upload files, the server could have openings that are being exploited.
There are so many ways for these things to happen.
-
You think that if i install wordpress again and all pluggins again this will stop?
in the last hour another 250 attacks to different urls
Any recommendation of someone who can handle this for me?
thanks
-
I would hire a pro.
These types of problems can be very difficult to solve and can come from a variety of sources.
I would contact them and ask how much to clean a wordpress install. I bet the price is lower than you think.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Backlink an article thats already on the web
Hey Mozers, Just wondering I noticed a few sites show "this article first appeared on domain.com" if there has been an article published on another site and is now publsihed on ours, how do we create a backlink to say it had first appeared on "domain.com" Any advice would be much appreciated Thanks
White Hat / Black Hat SEO | | edward-may1 -
Has our site been attacked?
Hello fellow mozers! I am having a problem you might be able to help me with and any thoughts on the issue will be greatly appreciated. Yesterday, I received an automated monthly report from Quill Engage, a tool that fetches data from Google Analytics and generates reports in a narrative format. Last month's 'referral traffic' section indicates two incredibly spammy websites driving more than 200 sessions to our website. Naturally, I checked out GWT and Open Site Explorer but couldn't find any traces of such activity. Futhermore, all our metrics seem ok. Can this possibly be a negative SEO attack that was only traced by the aforementioned tool? Can you propose any other way to test this and make sure we're not being attacked?
White Hat / Black Hat SEO | | SMD_0 -
International web site - duplicate content?
I am looking at a site offering different language options via a javascript drop down chooser. Will google flag this as duplicate content? Should I recommend the purchase of individual domains for each country? i.e. .uk
White Hat / Black Hat SEO | | bakergraphix_yahoo.com1 -
Can I get updated opinions on PR Web?
I saw Moz has discussed PR web in earlier posts, but they are mostly months to years old. I'm wondering if PR Web is a good service? A lot of my competitors use it, but it seems just like a paid link to me. If for whatever reason, PR Web is an approved loophole, does anyone have any suggestions on which plan to purchase? Thanks, Ruben
White Hat / Black Hat SEO | | KempRugeLawGroup0 -
Black Hat Attack! Seeking Help
Hello, For the first time, I think my site has been the victim of a black hat (spam) attack 😞 I have a blog in a competitive niche and my rankings suddenly dropped (from top 3 to top 20). A quick peek at my latest backlinks using Open Site Explorer "Just Discovered" revealed some nasty looking comment spam links with my target keywords posted recently. Of course, I haven't hired anyone to post such links and I haven't done it myself. So my only guess is that a competitor has been generous enough to invest on spamming my site. Questions: 1. How can I confirm if this is in fact a spam attack? 2. Should I worry about this? 3. If so, what is the best way to go about this? Would appreciate any thoughts on this. Thanks in advance! Howard
White Hat / Black Hat SEO | | howardd1 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0 -
If Google Authorship is used for every page of your website, will it be penalized?
Hey all, I've noticed a lot of companies will implement Google Authorship on all pages of their website, ie landing pages, home pages, sub pages. I'm wondering if this will be penalized as it isn't a typical authored piece of content, like blogs, articles, press releases etc. I'm curious as I'm going to setup Google Authorship and I don't want it to be setup incorrectly for the future. Is it okay to tie each page (home page, sub pages) and not just actual authored content (blogs, articles, press releases) or will it get penalized if that occurs? Thanks and much appreciated!
White Hat / Black Hat SEO | | MonsterWeb280