homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / WebmasterWorld / New To Web Development
Forum Library, Charter, Moderators: brotherhood of lan & mack

New To Web Development Forum

This 34 message thread spans 2 pages: < < 34 ( 1 [2]     
Best Practice Protecting WordPress Against Hackers
My website hacked twice....

 1:58 pm on Oct 24, 2008 (gmt 0)

Guys this is too frustrating, my Wordpress website has been hacked twice and on both occasions I think they are trying to extort me.... the first time I deleted this index file he placed there and then the site was back to normal. I upgraded to the latest version of Wordpress and changed my password.

Then I realized I was hacked a month later. The support people keep saying that I must update my password regularly to protect my domain but this has never happened on any other webhost, like GoDaddy.

Please help me out here guys what do I do...what are the best practices to stop this from happening again?



 7:50 pm on Oct 27, 2008 (gmt 0)

Personally I deleted unused aspects of Wordpress in my installation.(not disabled, deleted) I then disabled anything that wasn't used and non-essential. I've never had problems in years of use. I'm a coder so this is a lot easier for me to say but the point being that limiting access seemed to work for me.


 10:12 pm on Oct 27, 2008 (gmt 0)

BTW, don't confuse WordPress hacks with hacked servers. There are some hosts that are literally infested with sites hacked with hidden links that appears to be a hosting problem, not a WordPress problem.

If you've had this issue you should use Google to see what people are saying about your host as I know a few that are severely infested.


 10:48 pm on Oct 27, 2008 (gmt 0)

I use a host that is known for high security. Sometimes it is a pain to go through the extra steps for something but it is nice to know they work very hard to secure the network.


 3:35 am on Oct 28, 2008 (gmt 0)

One team member isn't nearly enough to validate code for security

Bill I'll have to admit I don't know exactly what the mod validation process is. I do know the guidelines set down are pretty strict to help prevent exploits from creeping in to begin with. It's my understanding the ones that do get rejected are usually because they don't follow the guidelines. There's a team of about 8 mod validators and only about 150 have been validated since about this time last year. They just added some "junior validators" to pre screen mods to help speed up the process.

This 34 message thread spans 2 pages: < < 34 ( 1 [2]
Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / New To Web Development
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved