1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I got an infection on Wordpress please help + someone trying to bruteforce me.

Discussion in 'Blogging' started by COLDCASH, Jan 5, 2014.

  1. COLDCASH

    COLDCASH Newbie

    Joined:
    May 28, 2013
    Messages:
    42
    Likes Received:
    8
    Occupation:
    Cook
    Location:
    Quebec, Canada
    Okay people i'm gonna try to be the more specific i can with this.

    I use wordfence and it shows that i've got an infection from http://kv.cm * DO NOT CLICK THIS DO NOT CLICK THIS LINK because i dont know what it will do to your pc its from some Chinese Network.

    Everytime my Updraft plugin does a new backup it get this infection twice.

    Anybody ever experienced this? I dont know what to do an tbh i dont really feel safe about this.

    Plus everyday somebody is trying to brute force my WP. he is getting closer to my Login and this freaks me out what should i do since i cannot change my Login ID!!
     
  2. DKovik

    DKovik Registered Member

    Joined:
    Oct 25, 2013
    Messages:
    54
    Likes Received:
    37
    I want to click that soooo bad.
     
    • Thanks Thanks x 1
  3. TZ2011

    TZ2011 Senior Member

    Joined:
    Jun 26, 2011
    Messages:
    832
    Likes Received:
    864
    Occupation:
    Cleaning servers
    You can change login id. Make another Administrator user (with another name, of course) and some badass password, from that account change privilege level for original admin account and remove it.
    Also, bruteforce can be stopped with one of at least 5 different plugins from free wordpress repository, plugins that you can setup to accept only 2 or 3 login attempts and then block that IP for 24 or more hours.
    Finally, your backup may be dirty with some injected code and you are actually restoring the shit back with your backups.
     
  4. naveen

    naveen Registered Member

    Joined:
    Feb 13, 2010
    Messages:
    52
    Likes Received:
    18
    You just need one plugin to secure your site: http://wordpress.org/plugins/wordfence/ I used to get malicious code injections before and after installing it, never got one. It scans through the respository of WordPress files to check if any file has changed and will let you know. You can replace it with original file with a click. In Wordfence options, check all the boxes under "Scans to include"