My sites are getting frequent attacks

[Praney Behl 314]

Hi fellows,

 

Need a little help if someone can. I have over 500+ sites and almost everyday or two, I find one of my sites is attacked/hacked and placed a permanent redirect on them pointed to a spam site or a porn site. They are all WP based.

 

Its getting more frequent and hurting.

Any suggestions?

 

Thanks

 

Praney

[TommyTx 5]

There is a ton of security stuff you can do...

1. get rid of admin for user name.

2. use the password generator use my pgm to put all 500 weird passwords into Roboform so you can access the sites quickly.

3. Set up email and/or text to your phone to alert you if anyone logs into any site..

And the list goes on and on... I love designing automation and its all free..

Contact me at jackrabbitsec if you want to chat... check out http://52payperclick.com to see that all I do is hobby stuff so its all free.. if I do it at all.

[Eddie Waller 158]

Also make sure to keep wordpress up to date, since new exploits are found all the time.

[Praney Behl 314]

Thanks for replying quickly guys.

 

@TommyTx, Thanks mate. "jackrabbitsec" is that skype?

 

@Eddie, Thanks eddie, they are all upto date bots make sure they are updated every 2nd day.

 

+1 for both

[TommyTx 5]

Skype it is.. good guess... its all I use ...love it and its free..

[Praney Behl 314]

Eddie, Can we please have a private forum, that search engines don't index, I just saw google on it straight away.

 

I would like to request a private forum where Ubot users can discuss such issues.

 

Thanks

 

Praney

[Praney Behl 314]

Skype it is.. good guess... its all I use ...love it and its free..

 

Thanks mate getting on to you

[LoWrIdErTJ - BotGuru 904]

also make sure all chmod folders are not writeable to public.

 

also make sure and change the administration path

 

also make sure your using legitimate plugins, and those plugins are up to date, and no exploits on them.

 

 

I can help you more tomorrow when i have more time.

 

TJ

[malefic 48]

Not sure where you are hosted (shared / vps / dedicated) but when you find a couple hacked are they on the same hosting provider?

 

It may have nothing to do with your sites being insecure - if you are on a server with others, they may have a weakness in their sites which lets a hacker in and then do a mass deface of all sites on that server.

 

I used to get my WP sites defaced a lot when on cheap shared hosting - I now have my own VPS and have had no problems since.

 

 

Cheers

M.

[TommyTx 5]

Amen to shared hosting.. its damn near impossible to keep them out on cheap shared hosting... it might be worth taking the time to set each site to alert you if anyone logs in or for example if the byte count on a page changes.. can send you an email instantly or even a tick-tick on your cell phone via text... gives a real secure feeling to know that if someone tries to redirect your site on any one of 500 sites you know instantly and don't have to wait to see the adwords account drop to zero... and who the hell has time to check on 500 sites even once a day.. I could set something up for you for free...if you like.... it will even send you the IP of the sucker who is breaking in... we could light off a gas cannister but that might burn the server down... hee...heee.

 

Wow! Praney.. I just noticed we both joined this club the same month back in 2010 and you have 1500 posts while I have 80. Wow you must have been writing like a big dog... course I travel through out a ton of forums... not just hang out here.

[Net66 54]

I'll echo the whole VPS idea. I switched to VPS recently and its solved sooooo many issues. And if you're not into web server stuff then people like hostgator offer a fully managed vps (anything from level3 onwards on their plans).

 

While it increases hosting costs from $10-$15 a month to $50 (inc cpanel which is a must have), the time and money it saves from not having issues is massive.

 

Andy

[k1lv9h 76]

I have "Login Lockdown" (Link to site) Wordpress plugin installed on my blogs. It makes it more interesting trying brute force login attacks.

 

Kevin

[malefic 48]

While it increases hosting costs from $10-$15 a month to $50 (inc cpanel which is a must have), the time and money it saves from not having issues is massive.

 

Probably because its me, but I don't have cPanel on my servers (okay, I do use cPanel elsewhere as an offsite thing incase my VPS goes offline for some reason).

 

I have a Ubuntu VPS and wrote a couple of small scripts to configure the Virtualhosts for each domain I host on there.

 

Big advantage is you don't need a big spec VPS just because cPanel runs on it. I have hosted sites this way on VPS's with only 256Mb RAM.

 

At the moment I am running a VPS with 16 small sites on (couple of Wordpress and the rest static pages), with MySQL running and I am hovering about the 200Mb RAM use.

 

I guess it depends on how much time you want to spend messing about - I obviously have too much time on my hands

 

If anyone wants the scripts I use to set up basic sites on Ubuntu then drop me a PM.

 

Cheers

[JohnB 255]

I'll echo the whole VPS idea. I switched to VPS recently and its solved sooooo many issues. And if you're not into web server stuff then people like hostgator offer a fully managed vps (anything from level3 onwards on their plans).

 

While it increases hosting costs from $10-$15 a month to $50 (inc cpanel which is a must have), the time and money it saves from not having issues is massive.

 

Andy

 

 

I agree. I have been using serverpronto for 8 years and aside from a couple of errors I made, I have never had a single issue with any kind of attacks whatsoever. If you do have your own dedicated server, I would also highly recommend configservers free firewall script. It's among the best I have ever seen (and of course it's free).

 

John

 

 

[LoWrIdErTJ - BotGuru 904]

Hardening wordpress http://codex.wordpress.org/Hardening_WordPress

 

wordpress security 101 http://www.artofblog.com/wordpress-security/

[Praney Behl 314]

Sorry guys for replying late, I figured out it was a buggy plugin through out the network, well I got my lesson.

 

My sites are hosted on differnt C-class ip hosting paying top dollar.

Maybe its time I drop some sites, that are not making much.

 

But there are some great suggestion me and other with similar problems to have a look at here in this thread. Guess I need put put some more time into my bots to do some extra hard work from now on haha.

 

I really like to thank you all for taking the time to help.

 

Regards,

 

Praney

[UBotBuddy 331]

Don't forget to use VERY complex passwords.

[mamica 10]

They are not hacking passwords, they use injections and backdoors to enter in your wordpress. 3.0.X have bug where a guy register and by injecting some code inside hes bio he makes him self admin on website.