I have a network setup - and the site keeps getting hacked. Those mean
cruel people keep setting up new subdomain files. We changed the password,
but it has happened again.
Any suggestions???
-- Susie Nelson
Small Business Consultant, Entrepreneur, and Sales Trainer
651-442-7268
I had a few of my personal sites hacked into and learned the hard way. Unfortunately, it was a lot of trial and error. I would also recommend using http://sucuri.net/ to scan your site (free).
On Monday, July 9, 2012 7:29:07 AM UTC-5, Susie wrote:
> I have a network setup - and the site keeps getting hacked. Those mean > cruel people keep setting up new subdomain files. We changed the password, > but it has happened again.
> Any suggestions???
> -- > Susie Nelson > Small Business Consultant, Entrepreneur, and Sales Trainer > 651-442-7268
> There are some basic things that you get do such as:
> - Don't use "admin" as the administrator username
> - Use plugins that limit login attempts (
> http://wordpress.org/extend/plugins/limit-login-attempts/)
> - Ensure that your file permissions are locked down. For example:
> .htaccess, wp-config, wp-admin, and wp-includes can and "should" (my
> opinion) have different permissions than other files and directories. (
> http://codex.wordpress.org/Hardening_WordPress)
> I had a few of my personal sites hacked into and learned the hard way.
> Unfortunately, it was a lot of trial and error. I would also recommend
> using http://sucuri.net/ to scan your site (free).
> On Monday, July 9, 2012 7:29:07 AM UTC-5, Susie wrote:
>> I have a network setup - and the site keeps getting hacked. Those mean
>> cruel people keep setting up new subdomain files. We changed the password,
>> but it has happened again.
>> Any suggestions???
>> --
>> Susie Nelson
>> Small Business Consultant, Entrepreneur, and Sales Trainer
>> 651-442-7268
>> --
> You received this message because you are subscribed to the Google Groups
> "Minneapolis St. Paul WordPress User Group" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/mpls-stpaul-wordpress/-/A93JBl-0qGAJ.
> To post to this group, send email to
> mpls-stpaul-wordpress@googlegroups.com.
> To unsubscribe from this group, send email to
> mpls-stpaul-wordpress+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/mpls-stpaul-wordpress?hl=en.
-- Susie Nelson
Small Business Consultant, Entrepreneur, and Sales Trainer
651-442-7268
Susie, I had a site hacked over the weekend, and I am curious to know if there are any similarities to what I experienced - a malware link being added to certain files. What are/were your website's symptoms (example: links embedded into the footer, database hacked, etc.).
On Monday, July 9, 2012 8:49:51 AM UTC-5, Susie wrote:
> THANK YOU!!!!!
> On Mon, Jul 9, 2012 at 9:38 AM, Shea Laughlin <shealaugh...@gmail.com>wrote:
>> There are some basic things that you get do such as:
>> - Don't use "admin" as the administrator username >> - Use plugins that limit login attempts ( >> http://wordpress.org/extend/plugins/limit-login-attempts/) >> - Ensure that your file permissions are locked down. For example: >> .htaccess, wp-config, wp-admin, and wp-includes can and "should" (my >> opinion) have different permissions than other files and directories. ( >> http://codex.wordpress.org/Hardening_WordPress)
>> I had a few of my personal sites hacked into and learned the hard way. >> Unfortunately, it was a lot of trial and error. I would also recommend >> using http://sucuri.net/ to scan your site (free).
>> On Monday, July 9, 2012 7:29:07 AM UTC-5, Susie wrote:
>>> I have a network setup - and the site keeps getting hacked. Those mean >>> cruel people keep setting up new subdomain files. We changed the password, >>> but it has happened again.
>>> Any suggestions???
>>> -- >>> Susie Nelson >>> Small Business Consultant, Entrepreneur, and Sales Trainer >>> 651-442-7268
>>> -- >> You received this message because you are subscribed to the Google Groups >> "Minneapolis St. Paul WordPress User Group" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/mpls-stpaul-wordpress/-/A93JBl-0qGAJ. >> To post to this group, send email to >> mpls-stpaul-wordpress@googlegroups.com. >> To unsubscribe from this group, send email to >> mpls-stpaul-wordpress+unsubscribe@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/mpls-stpaul-wordpress?hl=en.
> -- > Susie Nelson > Small Business Consultant, Entrepreneur, and Sales Trainer > 651-442-7268
They actually got into the network and set-up a subdomain website - so it
was a new user added (not with super or admin privileges), and a subdomain
site in place. It's making me wonder if it is coming through the "blog
copier" plugin - but since I'm a marketer - not a developer - who knows??
On Mon, Jul 9, 2012 at 10:49 AM, Toby Cryns
<themightymo.desig...@gmail.com>wrote:
> Susie,
> I had a site hacked over the weekend, and I am curious to know if there
> are any similarities to what I experienced - a malware link being added to
> certain files. What are/were your website's symptoms (example: links
> embedded into the footer, database hacked, etc.).
> Thanks!
> Toby
> On Monday, July 9, 2012 8:49:51 AM UTC-5, Susie wrote:
>> THANK YOU!!!!!
>> On Mon, Jul 9, 2012 at 9:38 AM, Shea Laughlin <shealaugh...@gmail.com>wrote:
>>> There are some basic things that you get do such as:
>>> I had a few of my personal sites hacked into and learned the hard way.
>>> Unfortunately, it was a lot of trial and error. I would also recommend
>>> using http://sucuri.net/ to scan your site (free).
>>> On Monday, July 9, 2012 7:29:07 AM UTC-5, Susie wrote:
>>>> I have a network setup - and the site keeps getting hacked. Those mean
>>>> cruel people keep setting up new subdomain files. We changed the password,
>>>> but it has happened again.
>>>> Any suggestions???
>>>> --
>>>> Susie Nelson
>>>> Small Business Consultant, Entrepreneur, and Sales Trainer
>>>> 651-442-7268
>>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Minneapolis St. Paul WordPress User Group" group.
>>> To view this discussion on the web visit https://groups.google.com/d/** >>> msg/mpls-stpaul-wordpress/-/**A93JBl-0qGAJ<https://groups.google.com/d/msg/mpls-stpaul-wordpress/-/A93JBl-0qGAJ>
>>> .
>>> To post to this group, send email to mpls-stpaul-wordpress@**
>>> googlegroups.com <mpls-stpaul-wordpress@googlegroups.com>.
>>> To unsubscribe from this group, send email to mpls-stpaul-wordpress+**
>>> unsubscribe@googlegroups.com<mpls-stpaul-wordpress%2Bunsubscribe@googlegrou ps.com>
>>> .
>>> For more options, visit this group at http://groups.google.com/** >>> group/mpls-stpaul-wordpress?**hl=en<http://groups.google.com/group/mpls-stpaul-wordpress?hl=en>
>>> .
>> --
>> Susie Nelson
>> Small Business Consultant, Entrepreneur, and Sales Trainer
>> 651-442-7268
> To post to this group, send email to
> mpls-stpaul-wordpress@googlegroups.com.
> To unsubscribe from this group, send email to
> mpls-stpaul-wordpress+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/mpls-stpaul-wordpress?hl=en.
-- Susie Nelson
Small Business Consultant, Entrepreneur, and Sales Trainer
651-442-7268
Susie,
Do you have access to your server logs? You might be able to figure out
the ip address that created the new user and ban that IP using one of the
plugins mentioned below.
Some other plugins you might install for security:
- WordFence
- Bad Behavior
- Audit Trail
- (there are some Multi-Site-specific ones, but I can't remember their
names off-hand. Perhaps check WPMU.org)
On Mon, Jul 9, 2012 at 10:28 AM, Susie Nelson <susie88...@gmail.com> wrote:
> They actually got into the network and set-up a subdomain website - so it
> was a new user added (not with super or admin privileges), and a subdomain
> site in place. It's making me wonder if it is coming through the "blog
> copier" plugin - but since I'm a marketer - not a developer - who knows??
> On Mon, Jul 9, 2012 at 10:49 AM, Toby Cryns <
> themightymo.desig...@gmail.com> wrote:
>> Susie,
>> I had a site hacked over the weekend, and I am curious to know if there
>> are any similarities to what I experienced - a malware link being added to
>> certain files. What are/were your website's symptoms (example: links
>> embedded into the footer, database hacked, etc.).
>> Thanks!
>> Toby
>> On Monday, July 9, 2012 8:49:51 AM UTC-5, Susie wrote:
>>> THANK YOU!!!!!
>>> On Mon, Jul 9, 2012 at 9:38 AM, Shea Laughlin <shealaugh...@gmail.com>wrote:
>>>> There are some basic things that you get do such as:
>>>> I had a few of my personal sites hacked into and learned the hard way.
>>>> Unfortunately, it was a lot of trial and error. I would also recommend
>>>> using http://sucuri.net/ to scan your site (free).
>>>> On Monday, July 9, 2012 7:29:07 AM UTC-5, Susie wrote:
>>>>> I have a network setup - and the site keeps getting hacked. Those
>>>>> mean cruel people keep setting up new subdomain files. We changed the
>>>>> password, but it has happened again.
>>>>> Any suggestions???
>>>>> --
>>>>> Susie Nelson
>>>>> Small Business Consultant, Entrepreneur, and Sales Trainer
>>>>> 651-442-7268
>>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Minneapolis St. Paul WordPress User Group" group.
>>>> To view this discussion on the web visit https://groups.google.com/d/** >>>> msg/mpls-stpaul-wordpress/-/**A93JBl-0qGAJ<https://groups.google.com/d/msg/mpls-stpaul-wordpress/-/A93JBl-0qGAJ>
>>>> .
>>>> To post to this group, send email to mpls-stpaul-wordpress@**
>>>> googlegroups.com <mpls-stpaul-wordpress@googlegroups.com>.
>>>> To unsubscribe from this group, send email to mpls-stpaul-wordpress+**
>>>> unsubscribe@googlegroups.com<mpls-stpaul-wordpress%2Bunsubscribe@googlegrou ps.com>
>>>> .
>>>> For more options, visit this group at http://groups.google.com/** >>>> group/mpls-stpaul-wordpress?**hl=en<http://groups.google.com/group/mpls-stpaul-wordpress?hl=en>
>>>> .
>>> --
>>> Susie Nelson
>>> Small Business Consultant, Entrepreneur, and Sales Trainer
>>> 651-442-7268
>> To post to this group, send email to
>> mpls-stpaul-wordpress@googlegroups.com.
>> To unsubscribe from this group, send email to
>> mpls-stpaul-wordpress+unsubscribe@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/mpls-stpaul-wordpress?hl=en.
> --
> Susie Nelson
> Small Business Consultant, Entrepreneur, and Sales Trainer
> 651-442-7268
> --
> You received this message because you are subscribed to the Google Groups
> "Minneapolis St. Paul WordPress User Group" group.
> To post to this group, send email to
> mpls-stpaul-wordpress@googlegroups.com.
> To unsubscribe from this group, send email to
> mpls-stpaul-wordpress+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/mpls-stpaul-wordpress?hl=en.
On Monday, July 9, 2012 10:28:40 AM UTC-5, Susie wrote:
> They actually got into the network and set-up a subdomain website - so it > was a new user added (not with super or admin privileges), and a subdomain > site in place. It's making me wonder if it is coming through the "blog > copier" plugin - but since I'm a marketer - not a developer - who knows??
> -- > Susie Nelson > Small Business Consultant, Entrepreneur, and Sales Trainer > 651-442-7268
