Author Topic: Help! My website got hacked  (Read 1758 times)  

Offline m.a. petterson

  • Status: Arthur Conan Doyle
  • ****
  • Posts: 509
    • View Profile
Help! My website got hacked
« on: August 15, 2018, 07:36:12 am »
My website was recently hacked and is now redirecting visitors to another site that is not mine.

My host is Hostgator. When I asked for their help they passed me on to Site Lock Web Security, who claim to be their security partner.

Site Lock tells me the problem is WordPress.

Site Lock tells me they can fix the problem and prevent future problems for anywhere from $65 to $79 per month on a continuous basis. For just the one site.

My website was designed by Faus, who has designed several other authors' sites here. He did a nice job. On his suggestion I moved a couple of the sites he designed to Hostgator a few years ago. Unfortunately, Faus has not responded to a couple emails I sent asking for help so I assume he is out of business.

Any advice, input, or other counsel from this community will be greatly appreciated.



m.a. petterson | website

KBoards.com

  • Advertisement
  • ***

    Offline Beady

    • Status: Dr. Seuss
    • *
    • Posts: 12
    • Gender: Male
    • UK
      • View Profile
      • Bernard Davis Books
    Re: Help! My website got hacked
    « Reply #1 on: August 15, 2018, 07:40:56 am »
    If the problem is WordPress, then contact WordPress immediately an issue like that could affect thousands.
    It sounds more like some sort of scam anyway.

    Regards,
    Bernard D
    Luck in a Pickle: 18%

    Unwelcome visitors: 12%
    Beady | Beady's Books

    Offline AltMe

    • Status: A A Milne
    • ******
    • Posts: 4646
    • Gender: Male
    • WriterSanctum
    • Off the VS rocker.
      • View Profile
    Re: Help! My website got hacked
    « Reply #2 on: August 15, 2018, 08:17:15 am »
    If Wordpress is a free version installed on your site, its one of the easiest things around to hack. Total removal of Wordpress is the only cure. Not only that but remove anything using php. Unless you keep these up to date, (and most people dont) the hackers find a new way in. If you dont keep php up to date, the hackers get in.


    I used to have 2 Wordpress Blogs, and 5 php forums. All gone now, since one hacker got in and infected all of them. Total deletion was the only way to get rid of the infection. I saved the databases, but never tried to rebuild them, since its the base code which is vulnerable.

    For Wordpress, you need to be using their site, not yours. Simply because they keep their own completely updated.

    There is no point in hiring someone to remove the infection, since the next hacker to find your site will just do it all over again.



    Gone to WriterSanctum.

    I do not consent to the new TOS, and do not give my consent by posting and maintaining my membership here.

    *** Warning: If you are reading this post more than 6 months after it was posted, the information in it is out of date, and useless to you. The eBook market changes rapidly, and advice more than 6 months old is out of date. Use at your own risk! ***

    Offline Justawriter

    • Status: Arthur C Clarke
    • *****
    • Posts: 2881
    • MA
      • View Profile
    Re: Help! My website got hacked
    « Reply #3 on: August 15, 2018, 08:23:13 am »
    This happened to me a while back and I did not want to pay the 1200 that sitelock asked for.

    Are you able to get into your site? If not then you may need to get into wordpress to change your password. Once you get into your site, download wordfence free plugin.

    Then run it, and it will remove your malware and your site should be as good as new within a day. Wordfence is awesome, and free.

    Offline AugFul

    • Status: Madeleine L'Engle
    • **
    • Posts: 86
      • View Profile
    Re: Help! My website got hacked
    « Reply #4 on: August 15, 2018, 09:59:55 am »
    I run four WordPress sites on a web host account and have never been hacked. You have to keep your WordPress site updated (they release an update approx. every two weeks). Also keep a current backup of your WordPress files and a copy of the MYSQL database (in the event you are hacked, you'll have a clean copy). And, of course, always have a decent password and change it frequently.

    Offline Used To Be BH

    • Status: Dostoevsky
    • ******
    • Posts: 3694
    • Gender: Male
      • View Profile
    Re: Help! My website got hacked
    « Reply #5 on: August 15, 2018, 10:09:07 am »
    I run four WordPress sites on a web host account and have never been hacked. You have to keep your WordPress site updated (they release an update approx. every two weeks). Also keep a current backup of your WordPress files and a copy of the MYSQL database (in the event you are hacked, you'll have a clean copy). And, of course, always have a decent password and change it frequently.
    I'd agree. Wordpress is pretty good at addressing new security threats quickly, though, as others have said, it's critical to keep everything updated. I think it's hacked more often partly because it is so widespread. After all, Netcraft's survey suggests that 27% of all internet sites are Wordpress (that's 75,000,000 targets). Typically, hacking stats are skewed by the size of the platform.

    It's also important to have a hosting provider who takes security seriously. Mine updates Wordpress core files automatically if I don't do it fast enough.
    I have not consented to the new Terms of Service, which were implemented without any announcement and without the ability to accept or reject them. My continued participation on the forum is related only to addressing this issue and cannot be construed as implied consent.  9/19/2018

    Offline C. Gold

    • Status: Dostoevsky
    • ******
    • Posts: 3582
      • View Profile
      • Golden Elm Publishing
    Re: Help! My website got hacked
    « Reply #6 on: August 15, 2018, 10:20:03 am »
    I had my host update the php and ever after, WordPress automatically installs the updates. Which is fine by me because someone used a bug to put code on my pages when I was slow to update one time. It was easy enough to remove, but I had to look for that code snippet on any pages with a comment field. I removed the ability to leave comments because that part was just too vulnerable to spammers and hackers. I also make sure to secure all the files and folders to the recommended permission settings. There are many security plugins to choose from as well to lock everything down and ban IPs of people who spam trying to find your password. Also, make your password difficult to brute force. Back everything up in case you have to wipe and start over.

    Offline AuthorX

    • Status: Jane Austen
    • ***
    • Posts: 329
      • View Profile
    Re: Help! My website got hacked
    « Reply #7 on: August 15, 2018, 10:36:56 am »
    The Hostgator/Sitelock thing is basically a scam. If your site is compromised, Hostgator will eventually take down your site completely and demand you use Site Lock.


    If you're going to stick with Wordpress, DON'T USE HOSTGATOR or any other host associated with Sitelock. It is in their best interest that your hosting get compromised, so they will not provide adequate security or support, so they can rope you into paying more for that Sitelock BS.

    The only solution is to change web hosts or convert your site to HTML. If you run Wordpress on Hostgator, you will have problems no matter what you do until you purchase their Sitelock crap.

    Offline Anarchist

    • Status: Arthur C Clarke
    • *****
    • Posts: 2945
    • Methodological individualist
      • View Profile
    Re: Help! My website got hacked
    « Reply #8 on: August 15, 2018, 10:43:54 am »
    If you're going to stick with Wordpress, DON'T USE HOSTGATOR or any other host associated with Sitelock. It is in their best interest that your hosting get compromised, so they will not provide adequate security or support, so they can rope you into paying more for that Sitelock BS.

    This.

    It's like getting your car smogged at a place that offers smog repairs.


    The only solution is to change web hosts or convert your site to HTML. If you run Wordpress on Hostgator, you will have problems no matter what you do until you purchase their Sitelock crap.

    Yup. When it comes to security, a good host will have your back.

    Most WP hacks are done by brute-force bots. They're unsophisticated. Plug the easily-exploitable holes (outdated plugins, for example) and you should be fine going forward.

    Oh, and PamelaKelley mentioned Wordfence. I second that emotion.

     
    "Opportunity is missed by most people because it is dressed in overalls and looks like work." - Thomas Edison

    "Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." - Sun Tzu

    Offline KZoe

    • Status: Dr. Seuss
    • *
    • Posts: 23
      • View Profile
    Re: Help! My website got hacked
    « Reply #9 on: August 15, 2018, 11:26:30 am »
    I have lots of (unfortunate) experience here and might be able to help.

    Are you able to log into your site? Can you get to your WP dashboard?

    My website was recently hacked and is now redirecting visitors to another site that is not mine.

    ---

    Any advice, input, or other counsel from this community will be greatly appreciated.

    Offline starkllr

    • Status: Arthur Conan Doyle
    • ****
    • Posts: 670
      • View Profile
    Re: Help! My website got hacked
    « Reply #10 on: August 15, 2018, 11:40:03 am »
    I got hacked a while back (host my own WP installation, and GoDaddy ultimately is the hosting company), and I installed the WordFence plugin, which dealt with the initial problem, and has prevented all further hacks to date:

    https://www.wordfence.com

    I also installed WP Hide Login, which replaces the www.yoursite.com/admin login page with something else you choose (and which theoretically hackers won't guess), and that also works really well:

    https://wordpress.org/plugins/wps-hide-login/

     
    What if you could see everyone else's dreams?
    J.J. DiBenedetto | Blog | Facebook | Twitter | Smashwords | Goodreads

    Offline Nobody222

    • Status: Lewis Carroll
    • **
    • Posts: 136
      • View Profile
    Re: Help! My website got hacked
    « Reply #11 on: August 15, 2018, 11:45:33 am »
    To those who mentioned Wordfence. Are you talking about the free version, or the paid version?

    I've installed the free version a while ago when I got multiple "spammy sign ups" to my mailing list, and when I check the stats, it says that it blocks around 3 million hacking attempts per day! Is this even correct? It doesn't make any sense, especially since I don't even have 0.1% of those visits per month!

    Offline Lynn McNamee

    • Status: Dostoevsky
    • ******
    • Posts: 3988
    • Gender: Female
    • Carolinas
      • View Profile
      • Red Adept Publishing
    Re: Help! My website got hacked
    « Reply #12 on: August 15, 2018, 11:49:56 am »
    One of my Wordpress sites got hacked a few months ago. I'm with JustHost. They told me to contact SiteLock, which I did. SiteLock now has me locked in for a year at $35/month.  :-[

    After my second site got hacked a week later, I installed Wordfence, which is free. It cleaned all the issues, and I was able to stay on top of the problem when the hackers tried several more times.

    You can get Wordfence as an add-on right from your Wordpress Dashboard. Of course, Wordfence also has some paid options, but I haven't needed those.

    Offline Anarchist

    • Status: Arthur C Clarke
    • *****
    • Posts: 2945
    • Methodological individualist
      • View Profile
    "Opportunity is missed by most people because it is dressed in overalls and looks like work." - Thomas Edison

    "Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." - Sun Tzu

    Offline Nobody222

    • Status: Lewis Carroll
    • **
    • Posts: 136
      • View Profile
    Re: Help! My website got hacked
    « Reply #14 on: August 15, 2018, 12:11:20 pm »
    Amazing post, thanks!

    One little question: What's the best way to add the 2-factor authentication? I've checked your link, and it says "To enable Two Step Authentication, head on over to the new Security tab in your WordPress.com account settings, and go through the setup wizard." but I can't find it on my website. Is that some plugin?

    Plug-ins are your biggest risk. Be sure to delete any you are not using, and update the rest on a regular schedule. If they can't be updated (abandoned) find a new one. I agree that Wordfence is awesome, and it will notify you when a plug-in and/or Wordpress needs updating.
    https://www.wordfence.com/blog/2016/03/attackers-gain-access-wordpress-sites/

    Use two-factor authentication, so Wordpress sends a code to your cell phone before you can log in. That way, if a brute force attack discovers your password, the hacker still can't get in.
    https://en.blog.wordpress.com/2013/04/05/two-step-authentication/

    Here's a brief note of what Matt Mullenweg, a founding developer of Wordpress, has to say about making your WP site less vulnerable than 99% of the rest.
    https://ma.tt/2013/04/passwords-and-brute-force/

    Don't use "admin" as your user name. Don't use your email, or your own name, or your domain name, etc. Use a complicated and random code similar to a password. Something like this:  *[email protected]^Zs$j*96#a5;wk1!z)

    Install the WordFence plug-in. It's free and it works great. Learn about the features and set it to automatically block and/or throttle threats.

    Find new hosting. Your current host used to be good, for a while, years ago, but it was bought up by a gigantic hosting corporation. You might want to contact SiteGround dot com, tell them your problem and ask if they could move your website to their hosting, which would entail them going into your cPanel, changing the WP password, removing the malware code, and copying and moving your website, etc. They are surprisingly helpful to new accounts, because they want to earn your business. Here's my affiliate link, lol. https://www.youtube.com/watch?v=dQw4w9WgXcQ

    I hope that helps. Let us know how you're doing.   :)

    Offline m.a. petterson

    • Status: Arthur Conan Doyle
    • ****
    • Posts: 509
      • View Profile
    Re: Help! My website got hacked
    « Reply #15 on: August 16, 2018, 06:03:17 am »
    What a priceless resource this is. Thank you to all who favored me with a comment.


    m.a. petterson | website

    Offline Patty Jansen

    • Status: Harvey Chute
    • *********
    • Posts: 13195
    • Gender: Female
    • Sydney, Australia
    • Destroyer of Science Fiction
      • View Profile
      • Patty Jansen Author of SF and fantasy
    Re: Help! My website got hacked
    « Reply #16 on: August 16, 2018, 06:17:26 am »
    I've actually gone 100% the other way.

    After having used Wordfence which completely borked my wordpress database, I've ditched all security plugins. I've turned off commenting and syndicate to my Facebook page where people can comment.

    I keep wordpress and plugins etc updated, but otherwise threat my site as 100% disposable.

    When (note I say when, not if) hackers get in, I'll wipe the directory and the wordpress installs, reinstall wordpress and have everything back up from an off-site database within an hour. I do run and download the suggested wordpress backup, but my entire site is created from an information database in google sheets and the blog from a Scrivener file.

    Offline Diana Kimpton

    • Status: Lewis Carroll
    • **
    • Posts: 221
    • UK
      • View Profile
      • dianakimpton.co.uk
    Re: Help! My website got hacked
    « Reply #17 on: August 16, 2018, 12:38:49 pm »
    When I used Wordpress, I installed All-in-one-security to make it less hackable. It's a good plug-in, free and fairly easy to use.  A quick glance at my site stats always showed lots of hacking attempts searching for vulnerabilities. All-in-one stopped them getting in.

    When I redesigned my site, I stopped using Wordpress because I didn't want its limitations or its security issues. But I'm married to web designer so it didn't cost me anything to get a one-off design and I've got the software and skill to update it myself. Without both those advantages, I'd probably have stuck to Wordpress.


    Author of more than 40 books and several scripts. Writes for adults as well as children.
    Diana Kimpton | website

    Offline Nobody222

    • Status: Lewis Carroll
    • **
    • Posts: 136
      • View Profile
    Re: Help! My website got hacked
    « Reply #18 on: August 16, 2018, 12:44:08 pm »
    You're welcome  :D

    The two-factor authentication is built into wordpress. When you log-in to your wp-admin dashboard, look over at the menu on the left and hover over "Users," and then click on "Your Profile." When that opens, scroll down until you see this:

    Two-Factor Authentication Options

    Enabling two-factor authentication greatly increases the security of your user account on this site. With two-factor authentication enabled, after you login with your username and password, you will be asked for an authentication code before you can successfully log in. Two-factor authentication codes can come from an app that runs on your mobile device, an email that is sent to you after you login with your username and password, or from a pre-generated list of codes. The settings below allow you to configure which of these authentication code providers are enabled for your user.

    From there, you can choose to use the mobile app, or just use your email (like I do, it goes to my phone anyway). And be sure to generate some verification codes, in case you ever get locked out. Save those in a safe place.

    Were you able to get into your wp-admin?

    Hello & thanks for replying back. Unfortunately, that's exactly what was written in the link you have posted, which I had already followed without success. When I click on "Your profile", there's no "Two-Factor Authentication" option anywhere...

    I only see Personal Options (Visual Editor, etc), Posts by email, Name, Contact Info, About Yourself, Account Management.

    Offline Glis Moriarty

    • Status: Lewis Carroll
    • **
    • Posts: 168
      • View Profile
    Re: Help! My website got hacked
    « Reply #19 on: August 16, 2018, 01:48:08 pm »
    The most important piece of advice is to avoid all hosts owned by EIG. Lists and reasons freely available on the net.
    Site Lock is a scam in top of the deficiencies of the hosting; EIG get 55% of the money paid to Site Lock. The original scare emails don't actually show that your sites have security problems.

    Many other good hosts out there, cheap and dear, but you need to keep an eye on them because their quality doesn't always stay the same over time as people move on.

    If you install WordPress, it's essential that you keep it and all themes, extensions etc up-to-date. Updating is usually simple and straightforward.

    It's your host's job to keep the server secure. Sometimes a good host will suspend a site if it has known security problems that have not been updated. You need them to be on the ball else insecure sites on your server give hackers an open door to attack you - even if your software is fully updated.

    Offline Nate Hoffelder

    • Status: Jane Austen
    • ***
    • Posts: 367
    • I build websites, and blog about ebooks
      • View Profile
      • Nate Hoffelder
    Re: Help! My website got hacked
    « Reply #20 on: August 16, 2018, 01:58:38 pm »
    I just found this thread. I fix WP sites, and I'd be happy to hold your hand through this.

    Do you have a clean unhacked backup for your site? If you do then you should restore it, and then (as previous commenters suggested) install either Wordfence or All in one WP Security.

    After you install the plugin, take the time to configure it. That will keep most problems out.

    In the future, take the time to keep your site updated.  As other commenters said, this will keep your site safer by closing security holes as fast as they are found. (There are plugins that you can use to automatically install updates; I use them on many of my demo sites.)

    Offline Nate Hoffelder

    • Status: Jane Austen
    • ***
    • Posts: 367
    • I build websites, and blog about ebooks
      • View Profile
      • Nate Hoffelder
    Re: Help! My website got hacked
    « Reply #21 on: August 16, 2018, 02:01:54 pm »
    The most important piece of advice is to avoid all hosts owned by EIG. Lists and reasons freely available on the net.
    Site Lock is a scam in top of the deficiencies of the hosting; EIG get 55% of the money paid to Site Lock. The original scare emails don't actually show that your sites have security problems.

    You can ask almost anyone who works with WP and they will tell you the same.

    I see Sitelock as a scam because its partner hosting companies have a financial incentive to let your site get hacked so they get paid when it is cleaned up.

    Offline juan2machado

    • Status: Dr. Seuss
    • *
    • Posts: 35
    • Gender: Male
    • Venezuela
    • If you can imagine it, you can program it
      • View Profile
    Re: Help! My website got hacked
    « Reply #22 on: August 16, 2018, 06:04:02 pm »
    My website was recently hacked and is now redirecting visitors to another site that is not mine.

    My host is Hostgator. When I asked for their help they passed me on to Site Lock Web Security, who claim to be their security partner.

    Site Lock tells me the problem is WordPress.

    Site Lock tells me they can fix the problem and prevent future problems for anywhere from $65 to $79 per month on a continuous basis. For just the one site.

    My website was designed by Faus, who has designed several other authors' sites here. He did a nice job. On his suggestion I moved a couple of the sites he designed to Hostgator a few years ago. Unfortunately, Faus has not responded to a couple emails I sent asking for help so I assume he is out of business.

    Any advice, input, or other counsel from this community will be greatly appreciated.



    Hello.

    On the positive side, it is not redirecting to a Porn site  :D

    All jokes, aside, it is not good. I've gone through this (using Hostgator myself) and is not funny. I feel your pain. Is so frustrating that your site is there, compromised, and there's no one willing at least to offer some enlightement on how to get things back to normal.

    Are you able to log into your cPanel/FTP?

    At least let's try to get rid of the redirect issue that may be hurting your reputation on the eyes of your readers.

    Try to put all your WordPress files inside of a folder called "old" or similar.

    Then, on the root directory, place a text file named: index.html.

    Put the following content inside of the index.html file:

    Code: [Select]
    <html>
    <head>
    <title>We will be right back!</title>
    <style>
    .be-right-back{
    text-align:center;
    }
    </style>
    </head>
    <body>
    <h1 class="be-right-back">
    We will be right back soon!
    </h1>
    </body>
    </html>

    This will not bring your site back, but at least will show a message that you are working onto solving it and will stop the annoying redirection (it should work).

    I hope this helps!
    Juan Jos Machado

    Offline Melody Simmons

    • Status: Arthur C Clarke
    • *****
    • Posts: 2481
      • View Profile
      • Bookcoverscre8tive
    Re: Help! My website got hacked
    « Reply #23 on: August 17, 2018, 04:48:35 am »
    My website was recently hacked and is now redirecting visitors to another site that is not mine.

    My host is Hostgator. When I asked for their help they passed me on to Site Lock Web Security, who claim to be their security partner.

    Site Lock tells me the problem is WordPress.

    Site Lock tells me they can fix the problem and prevent future problems for anywhere from $65 to $79 per month on a continuous basis. For just the one site.

    My website was designed by Faus, who has designed several other authors' sites here. He did a nice job. On his suggestion I moved a couple of the sites he designed to Hostgator a few years ago. Unfortunately, Faus has not responded to a couple emails I sent asking for help so I assume he is out of business.

    Any advice, input, or other counsel from this community will be greatly appreciated.



    Oooh haha - welcome to the Sitelock/Hostgator scam club.  They cause the malware and then make you pay to fix it.  Sitelock has deals with Bluehost and Hostgator and probably others too.  Unfortunately as far as I know there isn't much you can do about it.  If you don't pay them they are going to keep screwing up your site for you.  Google Sitelock scam and you will find info - like this:  https://www.whitefirdesign.com/blog/2017/01/24/dont-ignore-a-message-from-sitelock-or-your-web-host-that-your-website-has-malware/

    https://bavatuesdays.com/sitelock-scam/

    If you pay them your site will be fine and they will stay out of your hair.

    They're the website mafia  ;)
    « Last Edit: August 17, 2018, 05:00:46 am by Melody Simmons »

    Offline Goulburn

    • Status: Arthur Conan Doyle
    • ****
    • Posts: 871
      • View Profile
    Re: Help! My website got hacked
    « Reply #24 on: August 17, 2018, 06:45:00 am »
    I had been with Weebly, on a professional level, ten website account for ten years, and had never had an issue. Two-and-a-half-years-ago, I spent more than a thousand dollars on top quality hosting and Websites using the professional level of Wordpress. I was hacked twice in my first two months. Same reply, "it is Wordpress." If a hacker is going to try to hack a website, they usually try to hack a Wordpress site. I was told that free or pro-level made no difference. I swallowed my losses and closed the sites I'd paid for and went back to Weebly. I can do a fair job of individualising my sites there, and I'm not being bothered by hackers. Most people will recommend Wordpress. 
    I do not consent to the Sept 2018 TOS change that was made without asking my consent or even offering notification.  If VerticalScope republishes content I own I will sue them for breach of copyright.

    KBoards.com

    • Advertisement
    • ***