Tuesday 15 May 2018

Quick tips after cleaning up a hacked site


One of the least fun jobs is cleaning up a customer's hacked legacy WordPress site. Many of these points go without saying. Today I don't use FTP or expose PHP files above the site root.

Change password for FTP-account
Be aware that big lists of passwords are circulating around the Internet. A quick check at Pwned can reveal this.
Change username for your FTP-account
Don't use the same username as your domain; make it hard to guess or brute-force.
Keep an eye on index.php and .htaccess
The most common hack nowadays seems to be to alter the index.php or .htaccess. The site owner or visitor does not see anything special, but the Google bot does.
Keeping an eye on changes to index.php or .htaccess can give you a quick alert if anything suddenly changes.
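<?php
// https://mydomin.com/secret/md5.php
// Assumes index.php and .htaccess sit in the site root, one level above this script.
$root = dirname(__DIR__);
echo md5_file($root . '/index.php') . '-' . md5_file($root . '/.htaccess');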

Then set up a site monitor to check the output of this script. If the keyword changes, you know something fishy has happened.
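
The monitor side of that check, as an added example that is not part of the original post: it compares the body returned by md5.php against a stored baseline, reports which of the two files changed, and treats a malformed body as an alert too. The function names and the sample hash values are constructed for illustration.

```python
import re
import urllib.request

# Expected body: "<md5 of index.php>-<md5 of .htaccess>", as echoed by md5.php.
FINGERPRINT_RE = re.compile(r"^([0-9a-f]{32})-([0-9a-f]{32})$")
FILES = ("index.php", ".htaccess")


def parse_fingerprint(body):
    """Return (index_md5, htaccess_md5), or None if the body is malformed."""
    match = FINGERPRINT_RE.match(body.strip())
    return match.groups() if match else None


def compare(baseline, body):
    """Return a list of alert strings; an empty list means nothing changed."""
    known = parse_fingerprint(baseline)
    if known is None:
        raise ValueError("baseline is not a valid fingerprint")
    current = parse_fingerprint(body)
    if current is None:
        # md5_file() returns false for a missing or unreadable file, which PHP
        # echoes as an empty string, so a short or empty hash is itself an alert.
        return ["malformed response: a file or the script may be missing"]
    return [f"{name} changed" for name, old, new in zip(FILES, known, current)
            if old != new]


def fetch(url, timeout=10):
    """Fetch the fingerprint body from the monitoring URL."""
    with urllib.request.urlopen(url, timeout=timeout) as response:
        return response.read().decode("ascii", errors="replace")


def demo():
    # Constructed sample values, not hashes of real files.
    baseline = "0" * 32 + "-" + "a" * 32
    tampered = "0" * 32 + "-" + "b" * 32
    broken = "-" + "a" * 32
    return [compare(baseline, baseline), compare(baseline, tampered),
            compare(baseline, broken)]


if __name__ == "__main__":
    for alerts in demo():
        print(alerts or "ok")
```

Run from cron, `compare(saved_baseline, fetch(url))` returning a non-empty list is the signal to send an alert; keep the baseline somewhere other than the web server being monitored.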
Keep an eye on Google Index
Add Google Webmaster Tools and keep an eye on how many indexed pages your site has. A sudden rise in pages indicates that your site is hacked. For sure.
Clean up an hacked
Source: https://managewp.org/articles/17423/quick-tips-after-cleaning-up-a-hacked-site



source https://williechiu40.wordpress.com/2018/05/15/quick-tips-after-cleaning-up-a-hacked-site/
