Finding but not preventing

  • Resolved frenchonskype

    (@frenchonskype)


    6 years, 9 months ago

    Hello

    I’m getting a code appended at the end of wp-load.php that redirects my traffic to a cell phone ad.

    Wordfence notifies me at scan, shows me the difference between the files, I remove the code, rescan, all good.

    Since I installed Wordfence, I’ve scanned every Saturday, and backed up, but this past week all my sites (no matter the theme or plugins) were again infected.

    Wordfence finds, I clean, all good.

    Why can Wordfence not prevent this problem from happening in the first place?

    Thanks,
    Llyane

Viewing 6 replies - 16 through 21 (of 21 total)

  • Hi @frenchonskype,

    In addition to the information provided by @mountainguy2 I also recommend this article from our Learning Center.

    Thread Starter frenchonskype

    (@frenchonskype)

    Thank you!

    Thread Starter frenchonskype

    (@frenchonskype)

    Hello!
    I hardened my WordPress, and doing all the right things… or so I thought.

    Bluehost had “issues” and I had to login with an insecure user…

    How did I find out?

    I’ve been hacked again, with a virus that redirects my mobile traffic to a cellular phone ad.

    Same as it happened 2 months ago.

    Wordfence had scanned with negative results at 3pm, then at 6pm I tried to share a post on FB who alerted me that I’m posting spam.

    What should I do now?

    My passwords are ultra difficult – should I reset my passwords again?

    This NEVER happened to me in 7 years, on a non-responsive theme.

    Thanks for all your help,
    Llyane

    Hi frenchonskype, from my experience having similar problems as yours, if your site is currently hosted in a shared hosting, do not be surprised if your site keeps getting reinfected over and again. The other users in the same shared hosting as yours may have their sites infected and do not even realize, it’s not necessarily our fault if we have secured our site and yet still keep getting reinfected.
    I moved one of my sites to a VPS hosting, and haven’t looked back ever since. Sure, most infections are just plain redirection or adware, and are easily detected and cleaned up, but it can get really frustrating having to clean your site everyday since the attack frequency may randomly increase. The downside of a VPS is that it requires a considerable amount of knowledge on web server & Linux/whatever OS it’s using, but you can always choose a maintained VPS hosting although it’s way pricier.
    That being said, you can try to alert your hosting company to investigate.

    Thread Starter frenchonskype

    (@frenchonskype)

    I understand that I may get infected again, pao2.
    What frustrates me is that Wordfence doesn’t catch the hack.
    I find out from FB, after they block my links, based on people’s complaints.
    Then I scan, find virus, fix.
    How is that OK?

    Sorry to say it, but indeed, running a website on shared hosting is nothing less than the same thing as driving the wrong direction in the Arc de Triomphe roundabout. Your first step is to move everything to a VPS. After that, you might consider simply paying Wordfence for a site cleaning.

    Like many things in life, running a secure website is not free, or low cost. You get what you pay for, and it’s best to drive the correct direction in the roundabout (smile).

    MTN

Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘Finding but not preventing’ is closed to new replies.