Not stopping reinfection

  • Resolved Brian Homer

    (@brian-homer)


    1 year, 6 months ago

    I’m suffering massive repeated attacks on my sites which are on Cpanel shared hosting with names.co.uk I’ve changed all passwords including admin accounts, FTP, databases etc and installed 2FA on my hosting account and on my Cpanel account. I’m also using Wordfence on my sites as well as manually removing infected files in CPanel file manager. But I cannot stop the repeated insertion of malware and neither can Wordfence. I suspect that hackers are stealing processor cycles as since the attacks began my resource usage has hit maximum and my sites have been restricted. Obviously using Wordfence adds to this.I’ve spent hours on this and hosting support has been minimal and I now don’t know how to proceed.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @brian-homer, sorry to hear you’re having problems with malware recreating itself on your site.

    Whilst you’re absolutely correct to change credentials for any possible entry points to your site such as FTP, database, WordPress admin users, cPanel/hosting; there may be more steps required to discover where the files are being regenerated from.

    It’ll be worth trying to carefully follow the checklist here and cleaning the site yourself if possible: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Make sure to get all your plugins and themes updated and update WordPress core too. WordPress sometimes patches their older releases if they find a vulnerability so make sure to update your version if needed. We, of course, recommend that you update to the latest version.

    Additionally you might find the WordPress Malware Removal section in our free Learning Center helpful.  

    If you are unable to clean this on your own there are paid services that will do it for you. Wordfence offers one and there are others. Regardless of whether you choose to clean it yourself or let someone else do it – again we recommend that you make a full backup of the site beforehand.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Not stopping reinfection’ is closed to new replies.