Despite the note that Babiato files are virus-free, I have suffered an attack from malware that has left me 13 unusable websites. Can someone around here help me clean and secure the websites?
-
You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
my server was hacked!!!
- Thread starter hguerrah59
- Start date
can you go into more details? such as what plugins and theme you were using were you downloaded them what security plugin you were using and what malware your getting that way we can t look at the problem better
I download all the plugins from babiato. There are 13 different sites, two use Creta, others use elementor flower kit, camellia etc. for wpcerber security
can you provide the exact link to those resources if you can
What hosting company are you using? Does all 13 sites are affected ? Are all 13 sites hosted in the same hosting account/server account? any screenshot of your hacked website?
Iv been hacked before and I never heard of someone uploading just htaccess with deny all (mostly got all deleted or redirected indexes)... But my hosting provider did it for using nulled scripts also there is also a chance for the script owner to find out you are using nulled version of his code and backdoor it... But please be more specific give us the links of the scripts you were using also give us some screenshots we cant help otherwise.
the provider: mochahost. all are in the same accunt. I can't provide screenshot because cant'n access to my account
There is a livechat on the top right corner, did you try contacting them for help ?
Just try and check every directory in any of your websites I think you have a PHP shell uploaded in one of the websites and the hacker have taken the control of all your websites with just that file. This can happen not only because a theme or plugin is infected, but it can also happen just because a plugin have a bug on it and not because it is nulled or not. I suggest you to transfer your websites with Namecheap hosting. They are really secure and even if someone can upload a shell, or you upload an infected theme / plugin / script their system will automatically detect it and quarantine the infected file.
The mistake you made is that you never use wordfence plugin to protect your site from all manner of attack...
That is what I do normally when I used null plugin..
I do use less null plugin also..I don't make all theme or plugin hmm!! Null plugin..
Stay bless
That is what I do normally when I used null plugin..
I do use less null plugin also..I don't make all theme or plugin hmm!! Null plugin..
Stay bless
there is a lot of plugins free ones that will protect your site from getting any change in code you can uses it next time
better if you want using nulled, download nulled plugin that have untouched version, so you can compare what file that change, i using meldmerge to compare between scripts.
Been a few days on a cloud hosting. I started seeing many such attempts from USA / Canada / Japan / Russia (almost at an interval of 20secs) to try to login/access my website/admin panel. Although Cloudflare is doing it best to block them as per the screen shot. I wonder why are all these attempts being made or are they normal ? Website is not yet released to the world. Pls advice ---> I have it as best possible covered using the protocols at Cloudflare Firewall using my Static IP my Servers are proxied as well.
I have seen many GET posts from my own server using wp-cron or wp-ajax calls.
Similar threads
