Wordfence website hacked

  • Resolved ac1643

    (@ac1643)


    8 years, 11 months ago

    Hi, please help!

    I am using wordfence security on my site. The site has been hacked and I would appreciate if you could tell me how this happened and what I may have been doing wrong when setting up WF security.

    I received the following alerts, not sure if the second is relevent:

    (Friday 1st of January 2016 at 06:10:10 AM)
    Critical Problems:
    * WordPress core file modified: index.php
    * File appears to be malicious: 2016uk.php

    and

    (10:08 PM (23 hours ago))
    A user with IP address 83.66.108.176 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ‘admin’
    User IP: 83.66.108.176
    User hostname: 83.66.108.176
    User location: Istanbul, Turkey

    I have restored my website to an earlier version but obviously I need to know how this happen and how to prevent it happening again.

    Many thanks

    https://www.ads-software.com/plugins/wordfence/

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi,

    There are many ways a site can be attacked. Most sites are compromised because of outdated plugins and themes, running an older version of WordPress, or having an insecure password. If you’re on a shared host, you can also be susceptible to hacks from other sites on the shared server. Also, inactive plugins can be a source of attack.

    Here is the official WordPress page on hardening WordPress:

    https://codex.www.ads-software.com/Hardening_WordPress

    Thanks,
    Brian

    Thread Starter ac1643

    (@ac1643)

    Thanks, I will have a look and do some research to try to determine the cause.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Wordfence website hacked’ is closed to new replies.