1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to secure my WP from infected plugins?

Discussion in 'Blogging' started by DorZ11, Jul 6, 2012.

  1. DorZ11

    DorZ11 Junior Member

    Joined:
    Feb 21, 2012
    Messages:
    120
    Likes Received:
    5
    every week I think its infected plugin that delete all the folder of my site and I need to install WP again and import/export db and stuff..
    what should I do? thanks and sorry for poor english
     
  2. CyberSEO

    CyberSEO Senior Member

    Joined:
    Jul 14, 2011
    Messages:
    939
    Likes Received:
    255
    Occupation:
    programmer
    Home Page:
    Learn PHP and check every file manually. There is no other way to do it.
     
  3. demed

    demed Newbie

    Joined:
    Jun 23, 2012
    Messages:
    25
    Likes Received:
    4
    What plugins are you using?
     
  4. DorZ11

    DorZ11 Junior Member

    Joined:
    Feb 21, 2012
    Messages:
    120
    Likes Received:
    5
  5. KingCrab

    KingCrab Regular Member

    Joined:
    Jun 13, 2008
    Messages:
    287
    Likes Received:
    40
    What you got to firstly is to check whether any files are present in ur installation that are not suppose to be there. Some of these cleverly named. Secondly check each php file for "eval gzinflate" it shouldn't neccessarily be in any wordpress files. Lastly, you got to comb through ur database.
     
  6. Pekton

    Pekton Regular Member

    Joined:
    Nov 28, 2009
    Messages:
    250
    Likes Received:
    104
    Location:
    upstate ny
    where did you download each plugin from? that should help narrow the list as to which ones might be dodgy
     
  7. DorZ11

    DorZ11 Junior Member

    Joined:
    Feb 21, 2012
    Messages:
    120
    Likes Received:
    5
    I search in the the plugin section for new plugins than the I download the exactly name.
     
  8. ugjunk

    ugjunk Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 1, 2011
    Messages:
    2,340
    Likes Received:
    721
    Location:
    Los Angeles
    Home Page:
    Google lockerpress, it's an awesome security plugin
     
    • Thanks Thanks x 1
  9. markhenry121

    markhenry121 Elite Member

    Joined:
    Oct 14, 2011
    Messages:
    2,149
    Likes Received:
    239
    i will suggest, "Better WP Security plugin" that's good for security.
     
  10. paulwilliams972

    paulwilliams972 Regular Member

    Joined:
    Apr 24, 2012
    Messages:
    370
    Likes Received:
    37
    Location:
    Tester World
    i am using Better WP Security plugin that's Good.
     
  11. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,496
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    Dude, rebuild the site from scratch, load your theme and leave it alone for a few days. Then add your plugins one at a time. You need patience to resolved the issue and remember that one definition of insanity is dong the same thing over and over again in the anticipation of a different result. By the way changing one variable at a time is also at the heart of scientific methodology.
     
  12. spmazon

    spmazon Junior Member

    Joined:
    Jan 21, 2012
    Messages:
    106
    Likes Received:
    38
    Home Page:
    I recommend Better WP Security plugin i found problems like you before. Better WP Security plugin help me solve problem.
     
  13. Pekton

    Pekton Regular Member

    Joined:
    Nov 28, 2009
    Messages:
    250
    Likes Received:
    104
    Location:
    upstate ny
    if your downloading them from http://wordpress.org/extend/plugins/ or from the new plugins search of the admin panel then your plugins should all be good. i'd be looking at your themes , not just the one your using but any that you have installed
     
  14. wpbacklinks

    wpbacklinks Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 27, 2010
    Messages:
    3,397
    Likes Received:
    1,339
    Gender:
    Male
    Occupation:
    Affiliate Marketer
    Location:
    Everywhere
    Simple, don't download plugins from untrusted sources. only use trusted source: wordpress.org and/or purchase some premium plugins instead of getting the nulled ones.
     
  15. DorZ11

    DorZ11 Junior Member

    Joined:
    Feb 21, 2012
    Messages:
    120
    Likes Received:
    5
    thanks guys I download Better WP Security plugin, ill hope it won't happend again!
     
  16. qrazy

    qrazy Senior Member

    Joined:
    Mar 19, 2012
    Messages:
    1,111
    Likes Received:
    1,712
    Location:
    Banana Republic
    Always download the plugins and themes from wordpress site and not from elsewhere. And check the ratings and reviews of any plugin before you install. If you find any malicious plugin from wordpress site, then report them so that they will remove such plugins from the site.
     
  17. williamk

    williamk BANNED BANNED

    Joined:
    Oct 29, 2009
    Messages:
    1,030
    Likes Received:
    184
    There are some tools in the download section> themes subsection. The thread is sticky, it should help you do basic diagnostics.
     
  18. sudenkon

    sudenkon Newbie

    Joined:
    Jun 18, 2012
    Messages:
    16
    Likes Received:
    0
    Please install only trusted plugin, also check for ratings.
     
  19. backontrack

    backontrack Power Member

    Joined:
    Jun 5, 2011
    Messages:
    517
    Likes Received:
    430
    Occupation:
    Father, Web development
    Location:
    I Love Apricot
    If you still didnt get a good plug in id go with what ugjunk said, It saved my sites like crazy lol.
     
  20. Namun

    Namun Junior Member

    Joined:
    Sep 13, 2008
    Messages:
    136
    Likes Received:
    175
    Don't install untrusted/suspicious plugins or themes.

    To get rid of the "infection" either re-install the site from scratch (with newly downloaded plugins/themes), either manually check each php file.