I was hacked on a non WA Blog today
Best defense against Hackers on your blog is WordFense WP Security.
My blog at the thefreeguru.com was hacked overnight and the hackers left malware in 3 different spots entering through a disabled plugin on my site I forgot to delete. They has FTP access and messed with other plugins but thanks to Wordfense I knew every place they touched and was able to fix the issues within minutes instead of hours or days.
My site now has a clean bill of health before Google even knew there was a problem thanks to this powerful free plugin. As soon as I can afford to do it I will be going pro on Wordfense.
Andy Zeus Anderson
Recent Comments
36
Kyle that is something I did not know about plugins. Do you recomemend do a flush that was talked about earlier in the post. I do regular mac maintenance on my mac.
I've never had a moment's worry with WA hosting. And I"m hosting and running a site for someone who would have a meltdown if the site got hacked.
I think you should know that the link you provided above seems to lead to a site that sells domains, not to your blog.
I think you may have bigger problems than a WP plugin.
Good luck.
I have to remember that plugin. That could have been a nightmare to get rid of them. Thanks for sharing Andy.
Thanks for sharing this tip, good to know you could work on it fast and your site is safe again.
Hi Andy,
Sandy, I'm back again. I admire you so much! I would not even know Someone was hacking me! As I stated a minute ago, you came to WA with buckets of talent.
Sincerely Sandy
I believe it was a WA member's blog I learned of the plugin on in 2016 and it has saved me some headaches because a malware detection from Google or McAffee blcoks your site from search until you can get them to scan again and see your cleaned site. At least 2 weeks your site shows a warning to every subscriber and reader. It can cost you hundreds to fix and this plugin shows me that those fixing the site may charge you $200 to $300 for a simple scan and 20 minutes of actual work.
WOW!! I'm glad you caught it in time! No one can be too careful these days! Good luck going forward.
WOW!! It goes to show that you can't be too careful these days! Good luck to you and to all of us! If we keep alert, we will keep ahead of the bad guys.
I think sites on WA have some form of protection, SiteProtect (Spam Blocker). I don't know how this compares to your plugin, but I heard it said that the one on WA is pretty good.
Spam blocker protects from comment SPAM it doesn't have it's own firewall and security suite. WA likely has a firewall for their servers but I see nothing on a site level basis to warn of core changes and scan against the Wordpress Repository for file changes.
I see. That doesn't sound like good news at all. It would be a disaster if sites on WA were attacked!
Yeah, the other day there was an NSA Alert on Cyberattacks out of Russia and that site just caught part of the attack. I have had an influx of Russian and Chinese IP's blocked lately trying to brute force the server. This was an exploit of an old plugin though so it could be unrelated but it is a strong coincidence.
That's great news! Not that you were hacked but that plug in worked so well!
Tried and True
Elaine
Yes this is not the first time a site has been hacked but it's been years because of their extensive security package. I was not as lucky in my days before WordFense.
Wow thanks for the tip! I have it installed on one site but never understood what it was for. That makes sense!
Make sure to read the reports that show up in yellow and take the action steps. They will let you know if anything has been changed on the site. You can set a daily scan and when an event happens you can rescan once it's clear to make sure you got everything and have a clean bill of health.
See more comments
The fact that you got hacked and that you have Wordfence installed to me is problematic.
Users here on WA hosting do not need Wordfence or any other plugin for that matter. By default you have the ultimate in security and protection for all of your sites on the hosting platform here through SiteProtect.
A plugin is an ineffective way to block intruders, this needs to be done on the hosting level. In fact plugins can create more holes than they block.
Yeah as stated this was a non WA site and the warning is more of a what happened to me because I don't know what was in place here.
Knowing you have tools in place for this I may also move that blog over if I don't decide to combine them both and save trying to maintain multiple blogs.
Thanks Kyle that’s very reassuring
Trevor
I'm glad That I came across this post Kyle! I have known also about the protection you provide that is second to none! When I buy my own domain as outlined in level 2, I will know more about the problemmatics of plugins and security.
Absolutely agree. Defending sites is the task of the Web Hosts.