frenchonskype

I understand that I may get infected again, pao2.
What frustrates me is that Wordfence doesn’t catch the hack.
I find out from FB, after they block my links, based on people’s complaints.
Then I scan, find virus, fix.
How is that OK?

Hello!
I hardened my WordPress, and doing all the right things… or so I thought.

Bluehost had “issues” and I had to login with an insecure user…

How did I find out?

I’ve been hacked again, with a virus that redirects my mobile traffic to a cellular phone ad.

Same as it happened 2 months ago.

Wordfence had scanned with negative results at 3pm, then at 6pm I tried to share a post on FB who alerted me that I’m posting spam.

What should I do now?

My passwords are ultra difficult – should I reset my passwords again?

This NEVER happened to me in 7 years, on a non-responsive theme.

Thanks for all your help,
Llyane

Thank you!

Oh, I like this, MTN, thanks a lot – helps me until tomorrow.
Nelida

Another question:
what is a good setting for these firewall parameters, all unlimited by default

If anyone’s requests exceed (unlimited)

If a crawler’s page views exceed

If a crawler’s pages not found (404s) exceed

If a human’s page views exceed

If a human’s pages not found (404s) exceed

If 404s for known vulnerable URLs exceed

Thanks again,
Nelida

I feel that the firewall is very loosely setup; tightened up some features, but not sure what’s too much.

Any advice here?
Thanks,
Nelida

I’m getting my plugins and themes from clean sources.

From the page you sent me, I’ve done:
Go to the Wordfence options page and make sure that under the “Scans to include” heading, absolutely everything is selected including the option to scan files outside your WordPress installation.

The scan is cleaned.

Passwords are changed.

What else?
Thanks,
Nelida

Are they not pitching in here with answers?
Thanks,
Nelida

Yes, I’m starting to see that I can tighten up my firewall quite a bit.
Not sure how much is too much, though.
The defaults look really loose.
Would the support team help with choosing the right settings?
Thank you so much, MTN

Nelida

Hello

Is this valid Whitelisted 404 URLs
(These URL patterns will be excluded from the throttling rules used to limit crawlers.)

/favicon.ico
/apple-touch-icon*.png
/*@2x.png
/browserconfig.xml

Thanks,
Llyane

Thank so much! ??
Llyane

Would the paid version help?
Wordfence has the description of the attack (it finds it at scan), just doesn’t see it when it’s done?
Or any other functionality from the free version (still testing this software) that prevents wp-load.php to be written?

Is wp-load.php a writeable file anyway?
It’s the same for all my websites.

Hi, Mary,

No need for a child theme in my case – I hadn’t change the code.

Here is the fix:
https://forum.bytesforall.com/showthread.php?t=8520

Thanks so much,
Llyane

It will help very much to reactivate the prior version, but I can’t find the way to do it.
Thanks again,
Llyane

Hello,
I updated to Atahualpa 3.7.13 and I lost header/footer
I didn’t change the files and the settings are in the atahualpa options, but the header (which has the navigation bar in it) don’t show.
Please help!
Thank you,
Llyane