WebFaction
Community site: login faq

Multiple sites hacked twice in one month: what am I doing wrong?

0

This is the second time in a month that I've been maliciously hacked; this time it's spread across almost all my domains on my WebFaction account. I'm diligent about keeping my WordPress installs up to date, and my passwords reasonably elaborate.

Last time this happened, I:

  • changed my SSH, database and control panel passwords;
  • checked my cron jobs;
  • confirmed I didn't have any public or private keys to ssh into the server.

Anything else I should be doing? I don't have any account access at the moment, so I can't do much else, but... well, what else is there to be done? I'm using 25-character random passwords like i(97JK{a],dklkfIWM!@~79uIKBb, not like "password" or "mydogfred" or whatnot. I'm at a loss.

asked 13 May '12, 08:28

mattshepherd
4551930
accept rate: 0%

One Answer:
active answersoldest answersnewest answerspopular answers
0

Hi Matt,

For popular applications such as WordPress, you need to stay on top of the newly discovered vulnerabilities and update WordPress, its themes and plugins as soon as possible.

I've investigated your last incident and found the vulnerability that was used - a theme in one of your sites had a vulnerable search form processor (searchform.php).

In other words, just updating WordPress to the latest version is not enough, you need to make sure that your themes and plugins aren't vulnerable as well.

permanent link

answered 13 May '12, 09:55

todork
1.2k5
accept rate: 34%

edited 13 May '12, 11:05

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×45
×5
×1

question asked: 13 May '12, 08:28

question was seen: 3,134 times

last updated: 13 May '12, 11:05

Related questions

Change password for admin in Plone 4 / Zope

SSH lockout after incorrect password

Cannot login to email accounts and cannot change passwords

How to change password for sftp user?

How to get password plugin with roundcube working on Webfaction hosting

my wordpress index.php is hacked?

Generated password for mailbox

Can mailbox users be authenticated to allow mailbox configuration?

Got Hacked, Now Can't Send Email

Why we need to hide .htaccess on our own?

                              
WEBFACTION
Home
REACH US
Email
SUPPORT
Control panel
Documentation
Q&A community site
Status blog
Support tickets
LEGAL
Terms of service
Acceptable use policy
Privacy policy
List of Data Subprocessors
Cookie Policy
Data Protection Addendum
Migration FAQ
© COPYRIGHT 2003-2021 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM