FutureDomain

Hi Everyone

I am hoping this thread will not only help me but others.

Yet again a number of my blogs have been hacked and some idiot and pointless hacker has messed up some great sites.

I had an attack on my Job Quick site on Saturday and I managed to fix all the hackers rubbish, but tonight another Hacker defaced 8 more sites, including the one I had just managed to fix.

Has anyone got some good tips on the best ways to secure your wordpress site, I use pluggins like login lockout etc. but I am sure you guys have some best practise ways to do this and stop hackers

Thanks everyone.

__________________
Kensington Palace Dot Developments Stonehenge Tours
Kids Tablet

peter_w

The majority of hacks recently have come via an exploit timthumb, so first port of call would be to install the Timthumb Vulnerability Scanner (plugin) and run it.

__________________
You'll find me on LinkedIn, Twitter and Google+.

FutureDomain

Thanks Peter

Will do that one, great tip rep-plus given, I have been busy tracking the hacker down, just found them... not sure how responsive Saudi ISP's are though

__________________
Kensington Palace Dot Developments Stonehenge Tours
Kids Tablet

atlas

Some thoughts:

* change all your passwords
* hackers often upload a few backdoors when they hack a website - check for this (review all recently modified files). Also check the first line of the wp-config.php file - many hacks inject some obfuscated php code there
* Change your wp-content -folder name
* Install 404 logger plugin to see if bots are testing your website for security vulnerabilities
* Follow these steps:
http://www.mattcutts.com/blog/three-...-installation/

__________________
..........

aZooZa

I'm surprised that the WP developers haven't implemented much of this security stuff. As a start, they should stop using defaults and ask the user for more custom install parameters, like DB prefixes and directory structure. Okay, so they provide defaults and many of them may be changed, but they could at least warn people of the ramifications of using defaults.

https://www.google.com/search?client...oe=utf-8&gl=uk

Blossom

When you fixed the site after the hacking, what steps did you take?

__________________
Jenni | Blossom | Video Tutorials

golddiggerguy

Not security as such but "Limit login attempts" is a nice one to just have in place.

Can customise to suit your level of lock outs if passwords are entered wrongly.

__________________
Body Confidence - - Humber.TV

- - Hull Fair - Baby Products

admin

try "Better WP Security" plug-in, has loads of features.

and if you want to track (in real time) what users are doing on your site try "WassUp" plug-in

Admin

__________________
Domain Appraisal | Domain Scripts | Domain Software| link to Acorn Domains

FutureDomain

Thanks everyone, I have had full scans run and one of the biggest sites is going to take ages to repair, so far I have found a few things that suprise me, like premium pluggins like WP robot has vulnerable elements.

I know the defaults are a problem and you can change them, it would be good to be able to change these as part of the install. I am seriously invested in premium tools for my WP installs but it just shows you can do more.

If anyone runs WP I would say a maldet scan is good if you have new pluggins, even found all-in-one-seo-pack is vulnerable and I have used this for ages.

I have a busy week ahead, lol

__________________
Kensington Palace Dot Developments Stonehenge Tours
Kids Tablet

FutureDomain

Just thinks before I moan about pluggins, do you think that the hacker installed some backdoors in all-in-one-seo-pack and WP robot pluggins, would be interesting if anyone also found gzbase64.inject.unclassed results in thier installs after running a malware detect scan on thier server.

Oh and thanks for all the tips everyone, I am certain these will help me and others

__________________
Kensington Palace Dot Developments Stonehenge Tours
Kids Tablet