|
|
Go to page [Previous] 1~2 | ||||||||||
inhumaninferno Elite user 452 Posts |
I have to go with Mike Clay on his point of suiting the tech talk and recommendations to the crowd. I don't use any of the tools mentioned here. Some of my collegues favor .htaccess, but I'm content with the performance of what I use. Yes, I keep the backend of my sites updated--have not had any hacking problems (I have multiple page 1 rankings across search engines, so I'm not talking about low profile stuff escaping hacks or neg-SEO).
Most on this forum, like most in the real world, don't care about site/internet details. They simply want their sites to be safe and to aid their business. |
|||||||||
Tim Friday Elite user 485 Posts |
I added the Wordfence plugin and am now using lastpass for passwords.
Dreamhost supposedly did a scan but I only got a couple of emails from them and they were in regards to only one of my domains, it seems like they could have done a better job. Fortunately Carducci got me set. |
|||||||||
Tim Friday Elite user 485 Posts |
After getting setup on lastpass I realized the common denominator with my domains.
All of them got hacked except one. I didn't understand why this one did not get hacked... After setting up lastpass, I saw all my domains for wordpress have the username admin except for one. The one that does not have admin as the username did not get hacked. |
|||||||||
gothike Elite user 463 Posts |
With "Shared" hosting you have limited resources such as ram and can only strain the server to some extend before the Admin will offline your site.
wp-login.php is NOT cached, so it accessing SQL on every page visit from humans and bots. During a large BOT Attack it will strain your limited shared server. An easy fix that many users use is a simple .htaccess code. Its also recommend by several Web Hosts and many of the Security users at WebHostingTalk forum. The link below will explain the code in detail: <FilesMatch "^(wp-login.php)"> Order Allow,Deny Allow from example.com # Add your website above/Server IP Address & Local IP below Allow from 69.200.95.1 Allow from 65.100.50. </FilesMatch> http://forum.ait-pro.com/forums/topic/pr......-attacks That will give BOT or anyone not coming from your IP, a 403 (file not found) at server level. No server strain. Hiding wp-login.php with a plugin often leads to lockouts and "scanners" will be able to find the url anyway. So its a false sense of security.
Control your Show Music from a PC from 800 ft away with a remote control. Send me a message to find out how......
|
|||||||||
Red Shadow Inner circle 1788 Posts |
Happened to me a few years back. Thankfully I still had access into the main folder so I deleted all their hacked files, re-uploaded my entire site, changed the password and thankfully has not happeend again since.
But I have backups of everythings, at all times. |
|||||||||
The Magic Cafe Forum Index » » Tricky business » » My Site was Hacked??? (0 Likes) | ||||||||||
Go to page [Previous] 1~2 |
[ Top of Page ] |
All content & postings Copyright © 2001-2024 Steve Brooks. All Rights Reserved. This page was created in 0.01 seconds requiring 5 database queries. |
The views and comments expressed on The Magic Café are not necessarily those of The Magic Café, Steve Brooks, or Steve Brooks Magic. > Privacy Statement < |