1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

website hacked

Discussion in 'Black Hat SEO' started by runningfree73, Sep 1, 2014.

  1. runningfree73

    runningfree73 Registered Member

    Joined:
    Jun 19, 2013
    Messages:
    61
    Likes Received:
    0
    One of my sites (Wordpress) was recently hacked and all the content was deleted. All that was left was a main index page that redirected to the hacker's own site. I was hoping someone here could offer me advice on how to better protect against any future hacking attempts. I've never had anything like this happen before and the site that was hacked is an expired domain hosted on a $1 hosting account while the rest of my sites are with Hostgator. Is security a problem with cheap hosting accounts?
     
  2. Nut-Nights

    Nut-Nights Jr. VIP Jr. VIP

    Joined:
    Jun 20, 2013
    Messages:
    3,708
    Likes Received:
    2,091
    Location:
    Buy Website
    Home Page:
    Oh wp is not good for security. Here is few tips

    1. Never use too many plugins
    2. Never use any nulled theme
    3. Never keep your wp log in id "admin"
    4. Always use 0 in your passwords
    5. Keep your WP, plugins and themes updated
    6. Never save your password in browser.
    7. Get a wp security plugin.
     
    • Thanks Thanks x 3
  3. Zwielicht

    Zwielicht Moderator in Training Jr. VIP Premium Member

    Joined:
    Aug 31, 2013
    Messages:
    3,847
    Likes Received:
    6,848
    Gender:
    Male
    Occupation:
    Liquidator
    Location:
    Riverside County, California
    Home Page:
    Were you able to restore your website? If not, you should keep regular backups of your SQL database and other files that way you can quickly restore your website. Also, here are some additional tips:


    1. Do not use plugins that haven't been updated in over a year
    2. Run a virus scan on your computer
    3. Backup your SQL database
    4. Backup your files
     
  4. runningfree73

    runningfree73 Registered Member

    Joined:
    Jun 19, 2013
    Messages:
    61
    Likes Received:
    0
    Thanks for the tips. I was able to recover most of my content from the database but it was still a major PITA. The hacker could have easily deleted the database too so I was lucky that didn't happen. There was no backup so I would have been totally screwed if he had. The entire Wordpress installation was deleted so I presume it was my hosting account that was hacked and not just my Wordpress admin.
     
  5. Saviour

    Saviour Junior Member

    Joined:
    Aug 22, 2014
    Messages:
    195
    Likes Received:
    79
    Thank you mate for the list
     
  6. Zwielicht

    Zwielicht Moderator in Training Jr. VIP Premium Member

    Joined:
    Aug 31, 2013
    Messages:
    3,847
    Likes Received:
    6,848
    Gender:
    Male
    Occupation:
    Liquidator
    Location:
    Riverside County, California
    Home Page:
    Wow, well that's great you were able to at least recover most of your content. Good luck with increasing your website's security!
     
  7. dazk2002

    dazk2002 Power Member

    Joined:
    Oct 23, 2012
    Messages:
    706
    Likes Received:
    220
    Location:
    Here and There
    8.Never use 123systems.net I have a cheap hosting account with this company and my site was hacked also. They don't even respond to my ticket.
     
  8. rakesh21

    rakesh21 Registered Member

    Joined:
    Aug 2, 2014
    Messages:
    51
    Likes Received:
    4
    Occupation:
    Photographer
    Location:
    Panipat
    Home Page:
    i recommand plugin BulletProof Security for wordpress!
     
  9. fatboy

    fatboy Elite Member

    Joined:
    Aug 13, 2008
    Messages:
    1,618
    Likes Received:
    3,227
    Occupation:
    Retired
    Location:
    Old Peoples Home
    Do you know if it was just your page hacked or more on the same server?
    If it was more than you then at a guess another account could of had a vulnerability that allowed the attacker to get access to all the accounts on the server.

    Shared hosting is a pain in the ass if:

    1. The hosting company is not shit hot and on top of their server maintenance and for $1 a month I am guessing they don't have the best sysadmins on the books. People who install cPanel and say they are hosts need a good kick in the bollocks, they need to understand sysadmin roles and security.

    2. If one account gets a runaway script then the whole server suffers.

    3. If everyone is using a shared IP address and one site gets a DDoS then again the whole server is stuffed and so your sites go south.

    So, really what I am saying is you can be on top of your game but if everyone around you isn't, you are still at risk - if your site is worth something try looking at your own VPS or dedicated server.

    Just my opinion though :)
     
  10. Clive56

    Clive56 Newbie

    Joined:
    Jul 25, 2014
    Messages:
    18
    Likes Received:
    2
    Sure it is. Cheap and secure don't get along well.
     
  11. th0m4s

    th0m4s Regular Member

    Joined:
    Jul 8, 2013
    Messages:
    243
    Likes Received:
    57
    You might want to setup an external backup script to prevent this in the future.
     
  12. runningfree73

    runningfree73 Registered Member

    Joined:
    Jun 19, 2013
    Messages:
    61
    Likes Received:
    0
    Well, guess what? I'm using 123systems too but they did respond to my tickets so at least their customer service has improved!
     
  13. dazk2002

    dazk2002 Power Member

    Joined:
    Oct 23, 2012
    Messages:
    706
    Likes Received:
    220
    Location:
    Here and There
    It's been a week since my site was hacked but still no response from them. They are absolute shit. Is this the page you get now? hack.png
     
    Last edited: Sep 1, 2014
  14. Clive56

    Clive56 Newbie

    Joined:
    Jul 25, 2014
    Messages:
    18
    Likes Received:
    2
    A backup script wouldn't prevent an hack, it's to guard against total loss of data.
     
  15. runningfree73

    runningfree73 Registered Member

    Joined:
    Jun 19, 2013
    Messages:
    61
    Likes Received:
    0
    Yeah, that's it and my site was also hacked about 1 week ago. I wanted to change my username but they said it wasn't necessary and the advice they gave wasn't very helpful either.