Websites in my shared hosting server getting hacked

Tremonade

Regular Member
Joined
Apr 21, 2020
Messages
211
Reaction score
106
I am using shared hosting from crocweb (a Canadian hosting company) and in the past year, my websites have been hacked by a group/person called xNight.

I'm not using any nulled themes, but the first time it happened was because of a nulled theme, so I stopped using it. Last time it happened was a week ago and the only theme I used was from Festinger's Vault, but I don't think using a theme from there would cause any issues.

But my question is, how can all the websites under my Cpanel get hacked? Is this because of a WordPress website getting hacked or the hosting provider getting hacked?

How do I stop this?

This is not my website but this is exactly what my website looked like when t got hacked: https://storehub.app/
 
If all the websites are on the same cPanel, they have access to all your domains. If other clients of the hosting provider have this issue, then is a hosting problem.

Probably the plugins you are using have vulnerabilities (bugs).
 
If all the websites are on the same cPanel, they have access to all your domains. If other clients of the hosting provider have this issue, then is a hosting problem.

Probably the plugins you are using have vulnerabilities (bugs).
I see. The plugins that I use are all downloaded from WordPress, only the theme is from Festinger. Will adding WordFence on all sites help?
 
I don't think its hosting hacked. Its your wordpress which is hacked.

You need to regular update your wordpress, plugins and theme + never use any null version of plugin or theme.
 
I have used shared hosting for years with 5-6 different hosts. The only time I got hacked was when I wasn't using Wordfence immediately on install and left it a couple days and had a weak password. Except one bad employee stole my entire site on one host and duplicated it for a PBN. Multiple brute force attempts without rate limited obviously is what caused it on my early ventures. My fault. However, after that no issues and in the htaccess file you can control a lot of what occurs, I have added all sorts of code in. If you don't have bandwidth issues, you can block certain countries you suspect, and limit login attempts, and log in ID's. Did you test by switching to another theme like the free ones on WP? You might do that if you suspect theme or plug in's.

Use Bill Minozzi's Stop Bad Bots and Anti-Hacker Plug in which blocks xml-rpc logins, user renumeration, etc. and make sure you create really long crazy and different passwords on WP and your cPanel login. Also, if you have a good host they will send an email on every cPanel login and wordfence will alert you to recent log in's.
 
I see. The plugins that I use are all downloaded from WordPress, only the theme is from Festinger. Will adding WordFence on all sites help?
Contact your host support they will investigate and tell you exact reason from where they enter on your site.
 
I don't think its hosting hacked. Its your wordpress which is hacked.

You need to regular update your wordpress, plugins and theme + never use any null version of plugin or theme.
+1, but if you really think it is your host, guess what? It's time to switch hosting.

I was struck with DDOS by one of my competitors, or perhaps not, but my site has a lot of traffic, and I was hit with DDOS as well. My host @DamoHG was quite helpful in this case, and while I have never been hacked, a competent host can assist you mitigate such situations or at the very least inform you what is wrong.
 
On the very first when you use that theme they get into your Cpanel now if you clean the websites they still can ha.ck again and destroy your websites

For a time-saving solution, Just switch to new secured hosting with new websites or just copy the design of pages from that hosting. DO NOT migrate the whole website's files or database from there then it might be possible for them that they can do it again, and I don't think @Festinger has to do anything with it

In the websites use the Wordfence plug in and Anti-Hacker plug in which block the xml-rpc logins for the security and safety of the website
Thanks
 
Back
Top