
My WordPress-based website has been hacked again and again. Code is injected into my header; due to this, the website redirects to another site or is sometimes down.
Targeted folders are wp-content and wp-uploads.
Target files are index.php, wp-blog-header.php, wp-config.php.
The hacker also uploads files into the wp-upload or wp-content folder.
I have been very frustrated for the past 3 months. My business is down. Could someone please help me out?
I could not diagnose where it comes from.

Plugins I used are wordfence, elementor, yoast, simplessl, wp-optimize, social chat, contact form 7, hide/remove meta data, limit login attempts, Prevent XSS Vulnerability.

I even disabled all plugins and kept only the wordfence plugin active to identify infected files, but it did not work. I changed the theme and purchased a theme, but that did not work.

2 Answers


  1. It’s hard to tell when it comes to hacking – they can enter your website from many areas. Here are a few key steps to consider, and some things you can do now.

    1. Change passwords
      Change passwords – bob123 is not a password. Don’t use the same password twice. EACH password you use must be unique. I would recommend using password management software – and using long, complex passwords.

      Change your passwords on the hosting platform you use (since they can access you from there) and change your password on WordPress – make sure you are the only admin – or have all admins change their passwords.

    2. Update all plugins/themes
      Make sure you have everything updated, including plugins, themes, and WordPress, and have the newest compatible PHP on your hosting. Everything needs to be updated.

    3. Disable ports you’re not using.
      If you are able to, on the hosting side of your WordPress – disable all ports except for the HTTP port and HTTPS port. If you use FTP – make sure you configure it so only your IP address is used. ANY port other than HTTP or HTTPS that you are not using directly should be deactivated.

    Unfortunately, this is not close to an exhaustive list. But these 3 points should help limit another hacking attempt. If a hacker has already entered your WordPress site, it’s possible he/she installed a backdoor (some executable file – to remote access your device).

    Some things you can do.

    Use wp-scan to scan your WordPress site for any issues it finds. I don’t believe this will find malware – but it will assist with seeing any known vulnerabilities that you can fix right away.

    For a malware scan – just do a search online – there are many options to assist with that – some include Jetpack and other plugins.

  2. WordPress has 2FA, and so do several web hosting services. I’d recommend activating 2FA where you have it. Also, make sure the machine you’re working on has virus protection – at least Windows Defender if using a PC.

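A triage sketch for the symptoms in the question (changed core files, files dropped into the uploads folder) and the backdoor concern raised in the first answer. This is an added example, not code from the thread: it assumes a fresh download of the same WordPress version is unpacked next to the site, and the function names and the demo tree are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Extensions a PHP handler may execute (assumption; match this to the server config).
PHP_EXTS = {".php", ".phtml", ".phar", ".php5", ".php7"}

def sha256(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def php_in_uploads(site_root):
    """PHP files under wp-content/uploads, a folder meant for media, not code."""
    uploads = Path(site_root) / "wp-content" / "uploads"
    return sorted(p.relative_to(site_root).as_posix()
                  for p in uploads.rglob("*")
                  if p.is_file() and p.suffix.lower() in PHP_EXTS)

def changed_core_files(site_root, clean_root):
    """Core PHP files that differ from, or are missing versus, the clean copy.
    wp-config.php is site-specific and absent from a clean download: review it by hand."""
    findings = {}
    for clean in Path(clean_root).rglob("*.php"):
        rel = clean.relative_to(clean_root)
        live = Path(site_root) / rel
        if not live.is_file():
            findings[rel.as_posix()] = "missing"
        elif sha256(live) != sha256(clean):
            findings[rel.as_posix()] = "modified"
    return findings

def build_demo(tmp):
    """Constructed sample: a clean tree and a live tree with two planted changes."""
    clean, live = Path(tmp, "clean"), Path(tmp, "live")
    for root in (clean, live):
        (root / "wp-content" / "uploads" / "2024").mkdir(parents=True)
        (root / "index.php").write_text("<?php require __DIR__ . '/wp-blog-header.php';\n")
        (root / "wp-blog-header.php").write_text("<?php // loads WordPress\n")
    (live / "index.php").write_text("<?php /* changed */ require __DIR__ . '/wp-blog-header.php';\n")
    (live / "wp-content/uploads/2024/logo.png").write_bytes(b"\x89PNG")
    (live / "wp-content/uploads/2024/cache.PHP").write_text("<?php // planted\n")
    return live, clean

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        live, clean = build_demo(tmp)
        print("PHP in uploads:", php_in_uploads(live))
        print("Core differences:", changed_core_files(live, clean))
```

Where WP-CLI is available on the host, `wp core verify-checksums` performs the core-file comparison against the checksums published by WordPress.org, so no local clean copy is needed. Files reported by either check should be replaced from a known-good source rather than edited in place, since a leftover backdoor can re-inject the code.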