How do a create site like sample?

@backyarder1, you can build such a website by using any basic theme + a few plugins as well.

@backyarder1 Sure, as fearzzzz mentioned above, you could try a basic theme (like Twenty Twenty, which I suggested earlier) – along with a plugin to create the category-carousel effect.

Thanks for all of your replies. I just went back to my previous theme. If it causes problems again, I’ll just give up on blogging.

Well, I hope you don’t give up on blogging. ?? There are lots of good themes out there, even if they don’t look exactly the same as the one you’re using now.

Best wishes and happy blogging! Feel free to post again if you need help with anything else.

Thank you. I’ve been watching the log files and it looks like someone is still trying to get into the site. Looks like some hosts have something called IP block where you can easily block IP addresses but this particular host doesn’t have that. So not sure if I should try to block them through .htaccess or some other way.

I can offer a couple of tips on the security front:

It’s a good idea to keep all your plugins are up-to-date, and run the latest version of WordPress, as hackers can exploit security vulnerabilities in WP core and plugins, as well as themes.

In addition, I’d recommend you look into adding a security plugin to your site. There are lots of good ones out there that can protect against brute force attacks, some free and some premium. I’d probably be careful about blocking whole IPs, as hackers can forge IP addresses or use shared IPs, and you could end up locking out legitimate visitors. The security plugins’ support folks could certainly lend a hand with setup and answer any questions you might have. Here’s where you can get started:

https://www.ads-software.com/plugins/search/security/

@backyarder1, I agree with Kathryn, hope you don’t give up on blogging ?? From my side I can help with the security stuff (check the code of your “hacked” theme and so on) if you’ll face the same issues again.

@fearzzzz That’s very kind. I don’t really know what my hosting site provides, in the way of helping with security. They moved me to a new “control panel” so I’m trying to figure that all out. I did go back to the old theme that they said was causing the problems so it might still have the same problem. It has a log and I see a bunch of things in there that LOOKS like somebody is trying to access things they shouldn’t but I don’t have enough skills to know what is going on. I see things that say “GET” and “POST” which I think are FTP commands but I have no idea how someone could FTP into my site. I DO see in statcounter that people are trying to access “fake pages” on my site but I think I have those corrected. Anyway, its not like anybody really needs to read my “thoughts” that I spew onto a blog anyway. Creating the blogs was something I always enjoyed but hackers have taken some of the pleasure out of that.

@backyarder1, I’m sorry to hear that you’re having such a problem.

If your hosting provider claims that the theme you are using is vulnerable, then it makes sense to examine its source code. But.

I think that was my problem. I was using an unsupported theme. (Virtue)

As I can see, this theme was updated in November 2022 and have no vulnerabilities discovered so far. At this point I want to ask you about the plugins you have/use on your hacked website, because one of the plugins could also be the reason of all this mess.

@fearzzzz. these are the plugins that are there now and active. Not sure which ones are from the old site or which ones are recent. I don’t know what some of them air. Like Mailpoet.

• Blaze Demo Importer
• Collapse-o-matic
• Jetpack
• Kadence Starter Templates
• Mailpoet
• Official Statcounter Plugin
• Virtue/Ascend/Pinnacle Toolkit
• Virtual Portfolio, Posts & Image Gallery.

@backyarder1, well, almost half of the named plugins have publicly known vulnerabilities. Of course, it all depends on the installed version, but you need to pay attention to this anyways to avoid additional troubles.

It’s highly recommended to keep plugins up to date, and as an additional measure, a security plugin can help (Patchstack, Wordfence, iThemes Security and so on).