About 3 weeks ago when I noticed that some of my websites that are hosted on a single hosting account has been hacked and was inserted by several ad scripts and malwares. I can't just stand there and watch my sites fall.
The hacking was done using brute force and SQL injection. It was so frustrating to see all those hard works to be compromised by these malicious softwares. It cost money to set up these websites. And I also loses money if I won't do anything to solve it.
So here's what I did.
1. I installed a couple of plugins that helps me detect possible weakness and loopholes in my site and secure the site. One of the plugins that I installed also helps me secure my site by limiting and banning IP addresses who tries to brute force my site. I was actually shocked when I got more than a hundred login tries within 12 hours. Thanks to that plugin.
2. Implement those warnings and instructions on how to lock it. I changed the data base prefixes, and tweaked over the sensitive files where hackers cannot directly write onto it. This avoids SQL injection.
3. Ban IP addresses that were detected. With the auto detection, I can now easily trace IP addresses and ban them permanently over the site.
4. Contact the host. When your site is hacked, sometimes, it is almost impossible for you to clean your site from all those bad files. So you might want to contact your host to scan over your site and delete those malicious files. And that’s what I did.
5. Reinstall a clean version of Wordpress. After cleaning, it is advised to reinstall your Wordpress site so that fresh and clean Wordpress files will be installed. This will also delete hidden scripts that were installed in some of your php files.
Result?
I was able to stop more than 200 hacking attempts overnight. And for 24 hours monitoring, I don’t see too anymore SQL injection activity. I really do hope that I finally get rid of those malware.