Web Site was Hacked

  • Resolved redthruviolet

    (@redthruviolet)


    6 years, 6 months ago

    WordFence:

    A couple of weeks ago our web site was hacked, even though it was protected by WordFence.
    Is there a way I can find out what caused the hack?

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)

  • Use strong password. If you are only user of your site then block access to login page after your login. Use https only.

    Thread Starter redthruviolet

    (@redthruviolet)

    Thank you for that information.
    I am interested in finding out what “hole” allowed the hackers to get in.

    Could be one of many routes e.g.:

    – Passwords brute forced
    – Passwords harvested from a compromised machine or email account
    – Cross infection from shared hosting
    – Vulnerability in an installed plugin or theme
    – Outdated PHP version

    To find out exactly what happened and why you’d need to go through your server logs with a fine toothcomb, identify the hack, remove all traces, fix the vulnerability, and then take steps to prevent this from happening again.

    Having Wordfence installed should be one part of a broader security strategy.

    Some useful advice can be found here: https://codex.www.ads-software.com/Hardening_WordPress

    Thread Starter redthruviolet

    (@redthruviolet)

    Thank you.
    I’ll look into that.

    Hi @redthruviolet

    Like @pidengmor mentioned, you might want to take a look at “How Attackers Gain Access to WordPress Sites” article, however, to pinpoint the exact backdoor on your website this will need in depth server inspection that might require hiring a professional security analyst.

    Thanks.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Web Site was Hacked’ is closed to new replies.