Hacked/cloaked sitemap [closed]
Hacked/cloaked sitemap [closed]
Hacked/cloaked sitemap [closed]
Strings of malicious code to look for after a hack
WordPress Redirect Hack
Look at all of the ‘related’ links to the right of your question for help with a hacked site. I would reinstall everything (WP, themes, plugins), check htaccess files (in all folders, not just the site root folder), change all site access passwords (ftp, host, email), check your local computer, look for unexpected files (in … Read more
I’ve cleaned up a few hacked sites, and have developed my own personal procedure here. But there are many googles on how to clean up. The basics are change the passwords of everything (hosting, database, FTP, users), reinstall WP and all themes/plugins from a known good source (WP repository), and manual inspection for bad files. … Read more
This is a great article on WordPress security, loads of great advice… https://codex.wordpress.org/Hardening_WordPress. I’d follow the advice in the article above, and make sure to change all your passwords for FTP, blog login, etc so they’re all unique, long and random.
They run it on your server, just like any other script runs (including WordPress). In the log you provided, it looks like the hacker knew your password. Perhaps you are using the same password on other sites, and he somehow gained access to one of them? Always set different and complex passwords; combine a large … Read more
I’d guess that there is some rogue code on your site. (Assumption, since I don’t know your site URL.) You’ll need to check everything: update (from known good source) everything (WP, themes, plugins), then look at each folder for a file that doesn’t have the current date (since you just updated everything). Change the credentials … Read more
WordPress installer attack
Bruteforce attack from 127.0.0.1?