autorestore feature question

[yoon]

I’ve been using your plugin with great satisfaction and it’s protecting my site. Thanks.
I have two questions

(1) Suppose a hacker exploits a vulnerability in your plugin and plants malware on my site.
Isn’t it possible that the malware could be executed before the auto-restore system kicks in? Is there any protection against this?

(2) Can you recommend any malware scanners other than the one provided by BPS pro? My site is infected with malware and I want to use different scanners to find it. Are there any useful plugins or paid services?

(3) Do you also offer malware removal services and how much do you charge?

[AITpro Admin]

Typically a website/hosting account is hacked for months/years before a website owner becomes aware that their website/hosting account is hacked.  Or they install BPS Pro and they they become aware of that immediately.

If your hosting account is already hacked then the hacker can edit/modify any files under your hosting account.  So the hacker could modify BPS Pro plugin files.  Hackers usually disable/alter security plugins if your hosting account is already hacked.  Once your hosting account is hacked all additional hacking is done from within your hosting account using hacker Shell scripts and not from an external source.

The good news is that it is very simple to clean up a hacked hosting account.  See this forum help topic for the steps to clean up your hacked hosting account > https://forum.ait-pro.com/forums/topic/wordpress-hacked-wordpress-hack-cleanup-wordpress-hack-repair/

Using malware scanners is good for confirming your hosting account is hacked.  I have never come across a malware scanner that is capable of finding all hacker code and files because hackers intentionally make some of the hacker files look like regular php files and malware scanners cannot detect them.

I no longer offer hosting account hack cleanup services unless a website was hacked after BPS Pro was installed.  So yeah never had to do a single hosting account hack cleanup for that scenario.

[yoon]

Thanks for your answer.

But, I have a question related with (2).

https://drive.google.com/file/d/1R_TrjfT2UA-mHOda3hTRmSRmmyg4ZPR8/view?usp=sharing

Isn’t my site at risk in that purple zone?

[AITpro Admin]

Your diagram is not accurate.  Think of your hosting account as a bank vault.  If hackers are already in the bank vault then they are already past your security.  Once a hacker hacks your hosting account they install a hacker Shell script.  A hacker Shell script has all the same functionality as your web host control panel.  So what that means is once a hacker has hacked a hosting account they have full control of your hosting account from the “inside” not “outside”.  The same control that you have with your web host control panel.  BPS Pro will slow down the spread of the hack if the hosting account was already hacked before installing BPS Pro, but you have to clean out the bank vault of all robbers and start clean (close the bank vault door) in order to lock your hosting account down again.

[yoon]

OK, Thanks for your detailed answer 😀

[Author]

Posts