1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My site over & over again been hacked ... What to do!?

Discussion in 'BlackHat Lounge' started by internetfree, Jul 24, 2012.

  1. internetfree

    internetfree Junior Member

    Joined:
    Dec 27, 2010
    Messages:
    110
    Likes Received:
    43
    Occupation:
    backlinking
    Location:
    Internet
    Home Page:
    Maybe isn't best choice for forum category but... moderators will find the right one for sure. Like in title Over&Over site been hacked.
    So situation is I'm on shared web hosting Name-something (don't wont to promote them) platform wordpress and just with couple plugins install ...

    I contact host support several times before and they say that I must find solution for my problems.After site first time been hacked I erased all hacked files change my passwords and secure site with any possible plugins I can find online.

    So again month or so later site hacked again and hacker/hackers (called Par4noiD) now create a whole page in html and put in my public_html folder.On that page they just live email to contact them and other crap so probably want to pay them some money.Well they can't get any money from me- that site/sites are simple seo testing sites.
    So the thing what is piss... me of most is that I must over & over erasing that files what they make in my public_html folder.I don't have that much time as I working on other projects.

    You guys if you are members/member I'm asking you to don't do again ... thanks

    Anyway if any have any suggestion which I have not think how to make more secure site do just Pm or simple response here.
    Thanks in advance.
     
  2. Duffers5000

    Duffers5000 Elite Member

    Joined:
    Apr 1, 2012
    Messages:
    2,467
    Likes Received:
    7,615
    On wordpress you should try better wp security plug in....but if I was getting hacked like that I would move my hosting to someplace that gave a damn
     
  3. techcrunked

    techcrunked Regular Member

    Joined:
    Aug 12, 2011
    Messages:
    361
    Likes Received:
    112
    never used shared plugin's, or cracked or nulled scripts, themes, unless shared by someone of repute. otherwise it's a surefire way to make your site a bullzeye for hackers
     
  4. tajmahal

    tajmahal Regular Member

    Joined:
    Nov 28, 2009
    Messages:
    294
    Likes Received:
    53
    First thing is to change your hosting account.. if you can afford go with VPS.. little above shared hosting but no measurements in better security..
     
  5. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,143
    Your computer is probably infected ;)
     
  6. Donnie Darko

    Donnie Darko Regular Member

    Joined:
    Aug 22, 2007
    Messages:
    229
    Likes Received:
    356
    Location:
    USA
    You didn't give specific info as to what you're using (WP, Joomla, custom-script etc.) so I'm just gonna give some simple guidelines.

    1. Check your .htaccess file
    2. Make sure all the scripts you're using are up to date
    3. Change your cPanel password if you haven't already

    If you give me more details I may be able to be of more help.
     
  7. roamer

    roamer Power Member

    Joined:
    Dec 2, 2008
    Messages:
    500
    Likes Received:
    479
    Occupation:
    Gfx designer, vfx and mgfx
    Location:
    plɹoʍ ǝɥʇ punoɹɐ ƃuıɯɐoɹ
    Follow the security advice given for your web hosting side of things, but just as jazzc mentioned, often times the problem is an infected computer (trojans). Most control panels have an option that allows you to check the last logins to your account, including IP and time. If so, check yours. If you see any suspicious (ie. wasn't you) logins, it probably means the 'hacker' is logging in with credentials stolen continuously from you via a trojan, instead of really hacking his way in via exploits.
     
  8. grego1

    grego1 Newbie

    Joined:
    Sep 5, 2011
    Messages:
    5
    Likes Received:
    0
    google this guy this might help
     
  9. Skywalker

    Skywalker Junior Member

    Joined:
    Nov 2, 2009
    Messages:
    170
    Likes Received:
    42
    Occupation:
    Jedi
    Location:
    Tatooine
    Try these 2 plugins:

    1. Wordpress Firewall 2
    2. Better WP Security

    Each email you when an attack has taken place. Better WP Security will lock the attacker out after multiple attempts to login. Both are good plugins imo.
     
  10. mazgalici

    mazgalici Supreme Member

    Joined:
    Jan 2, 2009
    Messages:
    1,489
    Likes Received:
    881
    Home Page:
    did you chaged your pass after the first hack?
     
  11. gtree

    gtree Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 30, 2009
    Messages:
    1,158
    Likes Received:
    9,993
    Location:
    iN tHe FeEt Of My GuRu
    Home Page:
    contact your web hosting company they will find a solutions
     
  12. internetfree

    internetfree Junior Member

    Joined:
    Dec 27, 2010
    Messages:
    110
    Likes Received:
    43
    Occupation:
    backlinking
    Location:
    Internet
    Home Page:
    Ok thank you guys all! I will try to change my host first then we will see.Like I say I try almost every wp-plugins! This Turkey hacker look to me like me 5-years old child playing with my and other sites. I Google it a little bit about but never mind.
     
  13. BlueZero

    BlueZero Power Member

    Joined:
    Jul 6, 2011
    Messages:
    500
    Likes Received:
    257
    Occupation:
    Webdeveloper, Project Manager
    Location:
    Byte in the Net
    Home Page:
    I was hacked on my VPS too. So what i have done is that i disallowed php function eval. You would need to install php suhosin for that. Another option is to change permission to files and directories so that your apache cant change or create files. But i am not sure if that is possible for you on your hosting.
     
  14. williamk

    williamk BANNED BANNED

    Joined:
    Oct 29, 2009
    Messages:
    1,030
    Likes Received:
    184
    I think you should change your .htaccess file and also check the scripts. Make sure to change all passwords too.
     
  15. UltraPayRX

    UltraPayRX Newbie

    Joined:
    Jul 18, 2012
    Messages:
    3
    Likes Received:
    0
    Occupation:
    Affiliate Manager: UltraPayRX.com
    Home Page:
    I had the same issues with my wordpress site. It is a complete pain! were you keeping your versions updated? its one of those simple things that can happen and feel dumb about... I dont use wordpress much anymore because of this simple reason... its a good reson though!