• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Website Been Hacked

netzowl

Member
Jan 13, 2020
70
14
8
www.netzowl.com
Hi all;

Im not posting this thread to talked about my site has been hacked. Just want to share my experience with 2 of my client's website has been hacked. There are malware injected in the files and when you go to the website, it will point to other website.

What i see is they created a new database and change the whole current database and infected all files..

Does anyone faced this problem before?

My 1st client, i used licensed theme from themeforest. 2nd client, i use unlicensed theme from wplocker..

My client consult their hosting provider and what they informed that because of not updating plugins etc..

So guys, in this kind of situation, is it possible to saved the websites? Any suggestions to prevent this kind of attack happen again?

Thanks..
 
  • Angry
Reactions: wp assign
Hi all;

Im not posting this thread to talked about my site has been hacked. Just want to share my experience with 2 of my client's website has been hacked. There are malware injected in the files and when you go to the website, it will point to other website.

What i see is they created a new database and change the whole current database and infected all files..

Does anyone faced this problem before?

My 1st client, i used licensed theme from themeforest. 2nd client, i use unlicensed theme from wplocker..

My client consult their hosting provider and what they informed that because of not updating plugins etc..

So guys, in this kind of situation, is it possible to saved the websites? Any suggestions to prevent this kind of attack happen again?

Thanks..

Which theme you use?
 
scan all files and databases for obscured code
 
Hi all;

Im not posting this thread to talked about my site has been hacked. Just want to share my experience with 2 of my client's website has been hacked. There are malware injected in the files and when you go to the website, it will point to other website.

What i see is they created a new database and change the whole current database and infected all files..

Does anyone faced this problem before?

My 1st client, i used licensed theme from themeforest. 2nd client, i use unlicensed theme from wplocker..

My client consult their hosting provider and what they informed that because of not updating plugins etc..

So guys, in this kind of situation, is it possible to saved the websites? Any suggestions to prevent this kind of attack happen again?

Thanks..
Were these sites both on the same server? It would suggest the host's firewall isn't strong enough, for both to have been hacked, but also, it might be that they are not using the CageFS system, which isolates each account to prevent cross hacking of accounts.
If the latter is the case and you are on a shared server, it is entirely possible your clients sites were hacked as a result of someone else's infected site
 
My 1st client, i used licensed theme from themeforest. 2nd client, i use unlicensed theme from wplocker..

Thanks..
These clients hosted same hosting or server? May 2nd client's theme has vulnerable and effects others.
 
Were these sites both on the same server? It would suggest the host's firewall isn't strong enough, for both to have been hacked, but also, it might be that they are not using the CageFS system, which isolates each account to prevent cross hacking of accounts.
If the latter is the case and you are on a shared server, it is entirely possible your clients sites were hacked as a result of someone else's infected site

Nope both use different server from different hosting company
 
Simple option to get back to clean state is restore an old backup dated back when site was clean.
Most hosting providers have Acronic automated backup system or R15 or some other daily backup system provided for every client including shared hosting clients. Make use of it and restore an old backup from this daily backup server.

And after restoring backup, just secure your websites with higher security.
Some of them are basically to use a stronger password, use two factor authentication for cPanel login and also on websites.
Use directory privacy setup inside cPanel for all sites hosted under it. So, whenever someone tries to login to your wp-admin link, it will popup an additional dialog box with username and password you have chosen for directory privacy and only after successful login of that dialog box, the wp-admin login page will appear for the wordpress site.

Also, change default admin username to something non common. And change the wp-admin login link to something different.
 
  • Like
Reactions: vijihel
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock