Web virus attack every second
-
Hello my wordpress has been constantly attacked every day, files were uploaded and redirections were made to others websites.
I instaled sucruri pluggin paying the annual fee, and no result. They keep acessing the web. And i uploading backup security.
Know i have instaled OSE wp firewall and seems that they are getting more dificulty accessing and uploading files. But still sending like 40 attacks every day.
Is ther any way to stop this?
were is some information of the blocked attacks
LOGTIME: 2013-02-22 10:58:01
FROM IP: http://whois.domaintools.com/27.153.210.183
REFERRER: http://www.propdental.com/index.php?option=com_registration&task=register
LOGTIME: 2013-02-22 10:52:09
FROM IP: http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
FROM IP 40 attacks this ip every two seconds:
http://whois.domaintools.com/2a00:1d70:c01c::69:61
URI: http://www.propdental.com/video//wp-admin.php
ACTION: Blocked
LOGTIME: 2013-02-22 10:49:10
FROM IP: http://whois.domaintools.com/103.31.186.82
URI: http://www.propdental.com/
METHOD: GET
LOGTIME: 2013-02-22 10:37:10
FROM IP: http://whois.domaintools.com/120.43.11.251
URI: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
REFERRER: http://www.propdental.com/blog/tag/carillas-de-porcelana-cerinate
ACTION: Blocked
LOGTIME: 2013-02-22 10:28:52
FROM IP: http://whois.domaintools.com/36.251.43.51
URI: http://www.propdental.com/
METHOD: GET
USERAGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
REFERRER: http://www.buyclassybags.com/
-
You may have missed my point. Sucuri didn't fix my problem either, but when I hired Michael (see link in my response above) he had the expertise to fix it. I agree with EGOL that in some cases you need to hire a pro.
(I have no allegiance or connection to Michael other than the fact that he saved me so much headache after weeks of struggling with malware that other people couldn't fix.)
-
I did also hired sucuri, but it was not worthing, becuase with the instaled pluggin they keep geting control of my web
now they can not get in my web just because they are being blocked by OSE wp firewall
-
I can recommend someone very good. My website was affected by malware. I first contacted my host and they did a few things that we thought fixed the problem but it came back. Then I hired sucuri. I believe that for many virus problems sucuri is good, but they couldn't get this one. It came back every single day and got harder and harder to detect.
A friend recommended Michael VanDeMar. (You can contact him here.) It took him a little while but he uncovered the problem. It was a sneaky malware that would only appear on computers using internet explorer, and not all the time. Plus, it would hide itself when someone from the host's IP was trying to find it. Michael fixed it for me. His rates were really fair. It cost me just a little bit more than sucuri.
-
If you do a full reinstall it might work.
The problem could be in the pluggins as they are installed - or they could have vulnerability that is exploited after install. If you were running an old version of wordpress, it could have holes.
The problem could be on your computer and it gets into your wordpress when you upload files, the server could have openings that are being exploited.
There are so many ways for these things to happen.
-
You think that if i install wordpress again and all pluggins again this will stop?
in the last hour another 250 attacks to different urls
Any recommendation of someone who can handle this for me?
thanks
-
I would hire a pro.
These types of problems can be very difficult to solve and can come from a variety of sources.
I would contact them and ask how much to clean a wordpress install. I bet the price is lower than you think.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Leveraging A Second Site
Hi, A client of mine has an opportunity to buy/control another site in the same niche. The client's site is the top-ranked site for the niche. The second site is also often top half of page one. The second site has a 15 year old design that is a really bad, almost non-functional, user experience and thin content. The client's site (site 1) has the best link profile and dominates organic search, but the second site's link profile is as good as our nearest competitor's link profile. Both sites have been around forever. Both sites operate in the affiliate marketing space. The client's site is a multi million dollar enterprise. If the object were to wring the most ROI out of the second site, would you: A) Make the second site not much more than a link slave to the first, going through the trouble to keep everything separate, including owner, hosting, G/A, log-on IPs, so as not to devalue the links to 1st site, etc? Or... B) Develop the second site and not worry about hiding that both are the same owner. Or... C) Develop the second site and still worry about it keeping it all hidden from Google. Or... D) Buy the second site and forward the whole thing to site 1. I know the white hat answer is "B," but would like to hear considerations for these options and any others. Thanks! P.S., My pet peeve is folks who slam a fast/insufficient answer into an unanswered question, just to be the first. So, please don't.
White Hat / Black Hat SEO | | 945010 -
Good vs Bad Web directories
Hi this blog post Rand mentions a list of bad web directories - I asked couple of years ago if there is an updated list as some of these (Alive Directory for example) do not seem to be blacklisted anymore and are coming up in Google searches etc? It seems due to old age of the blog post (7 years ago ) the comments are not responded to. Would anyone be able to advise if which of these good directories to use? https://moz.com/blog/what-makes-a-good-web-directory-and-why-google-penalized-dozens-of-bad-ones
White Hat / Black Hat SEO | | IsaCleanse0 -
Has our site been attacked?
Hello fellow mozers! I am having a problem you might be able to help me with and any thoughts on the issue will be greatly appreciated. Yesterday, I received an automated monthly report from Quill Engage, a tool that fetches data from Google Analytics and generates reports in a narrative format. Last month's 'referral traffic' section indicates two incredibly spammy websites driving more than 200 sessions to our website. Naturally, I checked out GWT and Open Site Explorer but couldn't find any traces of such activity. Futhermore, all our metrics seem ok. Can this possibly be a negative SEO attack that was only traced by the aforementioned tool? Can you propose any other way to test this and make sure we're not being attacked?
White Hat / Black Hat SEO | | SMD_0 -
Bot or Virus Creating Bad Links?
Hey Everyone, We are getting ready to engage a client for some potential marketing/SEO so in preparing for this have ran the site through OpenSiteExplorer. The site is relatively new and there are only two links under the inbound links section. They are relevant and add value, no issues there. Here is where it get strange. When I look under the 'Just Discovered' section there are many (hundreds) new links going back about a month. Virtually all of them have the anchor text 'Louis Vuitton outlet'. Now the client swears he has not engaged anyone for black hat SEO, so wondering who could possibly be creating these links. They do sell some Louis Vuitton items on the site, so I'm wondering if it is possible that some spam bot has picked up the site and began to spam the web with links to the clients site. So far today, 50 or so new links have been created with said anchor text and the clients root URL all on very poor quality, some foreign blog sites. Would like to find out why this is happening and put a stop to it for obvious reasons. Has anyone experienced something similar? Could this be a bot? Or maybe someone with an axe to grind against the client? Anyone could be doing this on their own, but just seems strange for it to be happening to a new site that does not even rank highly at the moment. Any advice or info is greatly appreciated, thanks in advance.
White Hat / Black Hat SEO | | Whebb0 -
Are CDN's good or bad for SEO? - Edmonton Web
Hello Moz folks, We just launched a new website: www.edmontonweb.ca It is now ranking on page 2 in our city. The website is built on Wordpress and we have made every effort to make it load faster. We have enabled the right caching and we have reduced the file size. Still, some of our local competitors have lower load times and more importantly lower ttfb's. Is a CDN the right answer? I've read articles demonstrating that Clowd Flare decreased a websites rankings. Is there a better CDN to use, or a propper way to implement Clowd Flare? Thank you very much for your help! Anton,
White Hat / Black Hat SEO | | Web3Marketing87
LAUNCH Edmonton0 -
Spamlink attack wat to do
Since today we had a spamlink attack. Just 150 dirty links in one morning and probably more to follow. Last year we also had an attack and we used the disalow. But this domain had a much stronger histrory and a PR of 6. The new domain has an authority (DA36) and PR1. The domain is very valuable and we rank on page on one of the most competitive words. Should I use the disalow tool, or just hope that the spam links don't hurt my ranking. I have some (150) valuable incoming links. Example of bad link: http://lamevabarcelona.com/una-exposicio-ens-guia-per-barcelona/dscn0756/ I think X Rumer/ pingback is used. I hope somebody can help us with this.
White Hat / Black Hat SEO | | remkoallertz0 -
Negative SEO attack working amazingly on Google.ca
We have a client www.atvandtrailersales.com who recently (March) fell out of the rankings. We checked their backlink file and found over 100 spam links pointing at their website with terms like "uggboots" and "headwear" etc. etc. I submitted a disavow link file, as this was obviously an attack on the website. Since the recent Panda update, the client is back out of the rankings for a majority of keyword phrases. The disavow link file that was submitted back in march has 90% of the same links that are still spamming the website now. I've sent a spam report to Google and nothing has happened. I could submit a new disavow link file, but I'm not sure if this is worth the time. '.'< --Thanks!
White Hat / Black Hat SEO | | SmartWebPros1 -
HELP! My client got a DDOS Attack! Need advice
Here the setup: Server is hosted inhouse. It got attacked using a DDOS from 20+ IP addresses spoofing in different counries. Our server overloaded and didn't work anymore. URL is registered at GoDaddy. Signed up at Dreamhost. We pointed DNS to Dreamhost successfully. Attacks kept coming and messed up other sites on the Dreamhost shared server. We didn't know we were being followed at first. We originally thought they were attacking the IP address on our inhouse server. Dreamhost noticed the attack and put us on a seperate IP and disabled our URL until the attacks 'stopped'. MY QUESTION IS: What do I do if they don't stop? Close shop? 99% of the business is internet driven. This has to be the blackest Blackhat SEO ever.
White Hat / Black Hat SEO | | Francisco_Meza0