Couldn't Protect from a damn thing !!

” my site got destroyed as usual ” – Maybe you have other things that should be looked at outside this plugin.

There are lots of doors to get to website. Blame the plugin, only if you are sure that there is an issue!!!!

Well, you may be right. But hear me out … this is what I have done:

1. kept all my plugins and themes updated.
2. kept wordpress updated.
3. installed and configured WordFence
4. installed and configured all the steps of iTheme except for SSL and file change monitoring.
5. installed NO CAPCHA ReCAPCHA as an added login protection.
6. my user name and password are more than 12 char complex ones.

They still managed to change my WP core files. Now you tell me what else could I have done. If any of you have any ideas, please let me know. At this point I’m completely lost … at this point if I blame a plugin, how wrong would I be?

@ahmedmusawir

Instead of pointing towards a plugin out of frustration your time would be better spend doing proper digital forensics. First thing you need to figure out when your site got hacked is HOW DID THE BAD GUYS GET IN.

Log files will go a long way in helping you answer that question.

Once you know how the attackers got in you can start looking at why any security plugin was not able to protect the website against the attack.

Also keep in mind 100% security doesn’t exist …

dwinden

@ahmedmusawir

7 days later … my site got destroyed as usual

That as usual says it all. Come on, the problem you had already before using this plugin, so do not blame it!

If I were you I would ask myself: how did they come in/hacked their way through? As long you have no answer on that, YOU never will be able to do any against it.

In your list there is missing …
* I did not find any negative in the debug.log
* I checked all important >server< logfiles
* I protected/prevent access through FTP/SSH for outsiders
* I created a new user and gave it admin caps and destroyed the ‘old’ one
* I contacted already the provider for help (but that didn’t change/help)
* ALL WordPress core files are owned by the >server<
so you, only you can access them AND you need a SERVER/ROOT password to change/delete or add a file or folder(actualy never or seldom, except wp-config.php and .htaccess( but I assume they are already read/write protected)
* I am sure my Theme isn’t compromising WordPress core
* I did not add any compromising code to functions.php myself
* I am sure the web-hoster is reliable
* and so on …

They still managed to change my WP core files

Who says ‘they’ got their entrance through the front door…sounds like ‘they’ know an entrance through a backdoor.

You know the most funny of all? I am not even using this plugin, a client pointed me on your comment and I could not resist to respond.

I don’t mean to be offending at all but see the number of Active Installs?… It gives you some to think eh.. and your own ‘as usual’ was the trigger.

Try some of the little listing I show, who knows maybe it helps..maybe it does not but at least you tried.

If done all of them with no positive result, hint: change webhoster/provider

Cheers