BPS just saved my site

Home Forums BulletProof Security Pro BPS just saved my site

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • September 27, 2013 at 6:25 am #10210
    Jim Wurster
    Participant

    I just got a quarantine alert from a site I built for a non-profit organization. When I logged in to check what was up, I saw that every header.php file had been injected with bogus code. This had been done before on the site causing Google to blacklist it. But not this time. Yeah for your great plugin.

    So, how can I determine what caused this problem so that I can really fix it?

    Any help would be appreciated.

    jim

    September 27, 2013 at 7:18 am #10221
    AITpro Admin
    Keymaster

    Change your FTP and WordPress Login passwords immediately.   Typically code injection is done after the fact.  ie the hacker cracks your FTP password and then uses that cracked FTP password to inject code into your website files.  Another common attack method is the hacker has either hacked another website on the same Server that you are on or has purchased a hosting account on the same Server to cross infect other websites on that Server.  Or the worst case scenario, the Host Server itself has been hacked and all websites under the Server will be attacked simultaneously.

    Notify your Host support folks let them know that you have a security plugin installed that stopped the site from being hacked, but you want to alert them just in case of the things I mentioned above.  Give them as much details as you can to help them isolate the source of the attack.

    The time when files were autorestored/quarantined/the attempted code injection hack occurred.  Copies of the hacker’s code if you saved any of the hacker’s code in quarantined files.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.