Please Help!! I lost hope in WordPress!

[Eddie147]

Hi amazing community, I feel lost today. In fact, I've been feeling this way for the past two weeks. I design websites for clients and I lost them all. Everything's been hacked! All the websites are now full with malicious code.

Whenever someone visits one of my websites, they get redirected to spammy websites. I tried restoring from different back-ups, I updated all themes and plugins, installed Wordfence security. Sometimes this clean the website, but next day it's hacked again.

I have 0 knowledge in IT security and malware removal and this has been really frustrating. I 'm clueless and I just hope someone would help me here.

BTW, sometimes I use theme and plugins from here and keep them up to date from here as well.

Pleaaaase someone help me!

 

[Scorp]

Hi amazing community, I feel lost today. In fact, I've been feeling this way for the past two weeks. I design websites for clients and I lost them all. Everything's been hacked! All the websites are now full with malicious code.

Whenever someone visits one of my websites, they get redirected to spammy websites. I tried restoring from different back-ups, I updated all themes and plugins, installed Wordfence security. Sometimes this clean the website, but next day it's hacked again.

I have 0 knowledge in IT security and malware removal and this has been really frustrating. I 'm clueless and I just hope someone would help me here.

BTW, sometimes I use theme and plugins from here and keep them up to date from here as well.

Pleaaaase someone help me!

Check pm

 

[MrNoLimits]

Hi amazing community, I feel lost today. In fact, I've been feeling this way for the past two weeks. I design websites for clients and I lost them all. Everything's been hacked! All the websites are now full with malicious code.

Whenever someone visits one of my websites, they get redirected to spammy websites. I tried restoring from different back-ups, I updated all themes and plugins, installed Wordfence security. Sometimes this clean the website, but next day it's hacked again.

I have 0 knowledge in IT security and malware removal and this has been really frustrating. I 'm clueless and I just hope someone would help me here.

BTW, sometimes I use theme and plugins from here and keep them up to date from here as well.

Pleaaaase someone help me!

This happened to me once in a client's website, luckly my hosting provider makes weekly backups and i was able to restore it without any issue. I never knew what caused it so if you find out, please do let us know to prevent it from happening elsewhere. Thanks!

 

[Tuton]

PM your website

 

[Eddie147]

This happened to me once in a client's website, luckly my hosting provider makes weekly backups and i was able to restore it without any issue. I never knew what caused it so if you find out, please do let us know to prevent it from happening elsewhere. Thanks!

My hosting does provide daily backups, I backed up the websites from different dates when it was working fine, then after like 24 hours or so, the site is hacked again. So, no idea how they got in.

 

[MrNoLimits]

My hosting does provide daily backups, I backed up the websites from different dates when it was working fine, then after like 24 hours or so, the site is hacked again. So, no idea how they got in.

Really strange. I always thought it came from an infected plugin/theme because there was no other way.
Could you please check which plugins/themes have all those websites in common and publish them here? So I can take a look as well.

 

[slvrsteele]

Poor coding is the cause of "hacked" websites in a higher % than already infected plugins/themes or nulled ones.

 

[Eddie147]

Really strange. I always thought it came from an infected plugin/theme because there was no other way.
Could you please check which plugins/themes have all those websites in common and publish them here? So I can take a look as well.

I don't use many plugins. I mostly work with elementor pro, plus addons, woocoomerce and its extensions. Themes: Flatsome, Xstore, Phlox. I think Elementor is the main cause but can't be sure.

 

[Eddie147]

Poor coding is the cause of "hacked" websites in a higher % than already infected plugins/themes or nulled ones.

but I don't code. I just use elementor page builder

 

[smalok]

I don't use many plugins. I mostly work with elementor pro, plus addons, woocoomerce and its extensions. Themes: Flatsome, Xstore, Phlox. I think Elementor is the main cause but can't be sure.

Critical 0-Day The Plus Add-Ons Vulnerability Fixed Under 48 Hours | The Plus Addons for Elementor

The Plus Add-ons was Hit With the Cyber Attack recently. Our Development Team immediately started working on the Patch and Launched a completely Secure &

theplusaddons.com

but I don't code. I just use elementor page builder

Meant was the code that the official developers of plugins and themes fabricate.

 

[RainMaker]

check to make sure your .htaccess or wp-config wasnt hacked.
When fixed install Ithemes Security or Wordfence sucurity from the plugin depository. this normally happens when you have no security or are using plugins with viruses in them.

 

[phaze1G]

The database is infected, that's why it keeps on being hacked..even if you put up the back site...hit me up if you need any help.

 

[MrNoLimits]

The database is infected, that's why it keeps on being hacked..even if you put up the back site...hit me up if you need any help.

This makes sense, but how would they do it only with the db?

 

[phaze1G]

This makes sense, but how would they do it only with the db?

it can be done..i once help out someone..with this kind of issue..3 of his website..fixed them.

 

[KarmaticOne]

The database is infected, that's why it keeps on being hacked..even if you put up the back site...hit me up if you need any help.

@phaze1G is exactly right.

You're infected at the db level and your other sites are being hacked because you are likely using a single cPanel account for all your sites.

To remedy this, split up your sites to their own cPanel accounts and rebuild the sites from scratch.

 

[themadoxter]

@phaze1G is exactly right.

You're infected at the db level and your other sites are being hacked because you are likely using a single cPanel account for all your sites.

To remedy this, split up your sites to their own cPanel accounts and rebuild the sites from scratch.

Geez, i do the same thing, many sites in a single cpanel account, never got hacked.

 

[KarmaticOne]

Geez, i do the same thing, many sites in a single cpanel account, never got hacked.

You're either lucky or are more conscientious.

Most people who have this architecture and experience such attacks are likely exposed due to an infected plugin that buries itself deep in the db like "duplicator-pro".

 

[themadoxter]

You're either lucky or are more conscientious.

Most people who have this architecture and experience such attacks are likely exposed due to an infected plugin that buries itself deep in the db like "duplicator-pro".

I don't even know the duplicator pro was used for this (hacking) but yes, i'm using wordfence, loginizer, 2 step login, virus total, google recaptcha and i change my admin url, daily backups, lock anyone who try to use "admin" word and variations and so on.

 

[themadoxter]

About all this with this poor soul, i hope someday somebody provide me help if I need, You guys are awesome.

 

[Scorp]

I don't even know the duplicator pro was used for this (hacking) but yes, i'm using wordfence, loginizer, 2 step login, virus total, google recaptcha and i change my admin url, daily backups, lock anyone who try to use "admin" word and variations and so on.

All automated right?