WebFaction
Community site: login faq

Multiple sites hacked twice in one month: what am I doing wrong?

0

This is the second time in a month that I've been maliciously hacked; this time it's spread across almost all my domains on my WebFaction account. I'm diligent about keeping my WordPress installs up to date, and my passwords reasonably elaborate.

Last time this happened, I:

  • changed my SSH, database and control panel passwords;
  • checked my cron jobs;
  • confirmed I didn't have any public or private keys to ssh into the server.

Anything else I should be doing? I don't have any account access at the moment, so I can't do much else, but... well, what else is there to be done? I'm using 25-character random passwords like i(97JK{a],dklkfIWM!@~79uIKBb, not like "password" or "mydogfred" or whatnot. I'm at a loss.

asked 13 May '12, 08:28

mattshepherd
4551930
accept rate: 0%

One Answer:
active answersoldest answersnewest answerspopular answers
0

Hi Matt,

For popular applications such as WordPress, you need to stay on top of the newly discovered vulnerabilities and update WordPress, its themes and plugins as soon as possible.

I've investigated your last incident and found the vulnerability that was used - a theme in one of your sites had a vulnerable search form processor (searchform.php).

In other words, just updating WordPress to the latest version is not enough, you need to make sure that your themes and plugins aren't vulnerable as well.

permanent link

answered 13 May '12, 09:55

todork
1.2k5
accept rate: 34%

edited 13 May '12, 11:05

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×45
×5
×1

question asked: 13 May '12, 08:28

question was seen: 3,183 times

last updated: 13 May '12, 11:05

Related questions

How to password protect Django "python manage.py runserver [port]" on Webfaction when I can't use httpd.conf/.htaccess

Django Protected Photos / Images / Download

SSH publickey no longer works for me on web236

Secure storage of user passwords

How to let a SSH user change/choose their own password

How to recover a lost root password for a private MySQL instance?

"Logging out" from a password protected AWStats application

password protect site with .htpasswd file dont work

Wordpress Extra Info password not working

How come I was able to add my domain name and create a website on it without providing credentials?

                              
WEBFACTION
Home
REACH US
Email
SUPPORT
Control panel
Documentation
Q&A community site
Status blog
Support tickets
LEGAL
Terms of service
Acceptable use policy
Privacy policy
List of Data Subprocessors
Cookie Policy
Data Protection Addendum
Migration FAQ
© COPYRIGHT 2003-2021 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM