• # June 9, 2008 at 11:36 am

    What should I do if 1 guy is hacking my WordPress blog and I know that he is doing it by using ports? What happens when he does this: in the first few minutes the website is lagging, with slow URL opening time, and when the 5 minutes pass I just see the white window (I’m using Firefox). When he stops doing that, everything is OK. So what should I do? Does anyone know? :( :(

    # June 9, 2008 at 3:41 pm

    The first step is to make sure you are upgraded to the VERY LATEST version of WordPress. The process isn’t always painless, but there have been some very serious weaknesses in WordPress in previous versions that have now been patched. Also, make sure you have the permissions on your files and directories on your server set correctly, that you don’t have any extra WordPress accounts (especially administrator ones), and that your administrator password is a secure one.

    # June 9, 2008 at 7:06 pm

    There are a few WordPress plugins that allow you to batten down the hatches a bit. One good one is a login documenter (it’s not called that, but I can’t remember the name); this will allow you to see all attempts at logging in, successful and failed, and will block the IP address of a failed attempt for a few hours. It’s worth a search for security plugins to see what you can do to tighten up your site.

    # June 10, 2008 at 9:01 am

    I haven’t had that attempt, but my blog did get injected with JavaScript. That’s why I wrote this post: Securing Your WordPress Blog

    # October 24, 2008 at 11:43 pm

    Are you sure it’s just 1 guy?

    # October 25, 2008 at 1:20 am

    Before you get too gung ho about IP banning, keep in mind that most people are now surfing with dynamic IPs. If you see a hacker and block his IP, you are blocking the IP, not the hacker. He could easily be back shortly on a new IP, but other people on the same host will be blocked whenever they are assigned the IP he was using when you blocked him.

    I’ve started implementing code that detects the hacker (XSS attacks and snooping directories) and redirects him to a page that informs him he has been detected and that his host has been emailed. The latter is a bluff because I don’t know how to programmatically determine a host’s email from an IP, but it appears to have had some success.

    EDIT: Geez, I just noticed the date on this. :oops:

    # October 26, 2008 at 3:07 pm

    From what you said, it sounds like he’s attacking the server rather than your WP installation. Contact your hosting provider about it and try and give them an IP.
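
Two replies above describe blocking an IP "for a few hours" after failed logins and warn that a blocked dynamic IP is later handed to someone else. The following is an added example, not code from any poster or from a WordPress plugin, showing a block that expires on its own; the log format, threshold, window and block length are assumptions, and the log lines are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample login log (not from the thread): "timestamp ip result"
SAMPLE_LOG = """\
2008-10-25T01:00:00 203.0.113.7 FAIL
2008-10-25T01:00:20 203.0.113.7 FAIL
2008-10-25T01:00:40 203.0.113.7 FAIL
2008-10-25T01:05:00 198.51.100.4 FAIL
2008-10-25T01:06:00 198.51.100.4 OK
2008-10-25T02:00:00 203.0.113.7 FAIL
2008-10-25T05:30:00 203.0.113.7 OK
"""

MAX_FAILS = 3                     # assumed threshold
WINDOW = timedelta(minutes=10)    # failures must fall inside this window
BLOCK_FOR = timedelta(hours=3)    # "a few hours", then the IP is usable again


def replay(log_text):
    """Replay the log and return a list of (timestamp, ip, decision)."""
    fails = {}          # ip -> timestamps of recent failed logins
    blocked_until = {}  # ip -> time at which the temporary block expires
    decisions = []
    for line in log_text.splitlines():
        stamp, ip, result = line.split()
        now = datetime.fromisoformat(stamp)
        if ip in blocked_until:
            if now < blocked_until[ip]:
                decisions.append((stamp, ip, "rejected"))
                continue
            # Block expired: whoever holds this IP now starts clean.
            del blocked_until[ip]
        if result == "OK":
            fails.pop(ip, None)
            decisions.append((stamp, ip, "allowed"))
            continue
        # Keep only failures still inside the sliding window.
        recent = [t for t in fails.get(ip, []) if now - t <= WINDOW]
        recent.append(now)
        fails[ip] = recent
        if len(recent) >= MAX_FAILS:
            blocked_until[ip] = now + BLOCK_FOR
            fails.pop(ip)
            decisions.append((stamp, ip, "blocked"))
        else:
            decisions.append((stamp, ip, "failed"))
    return decisions
```

In the sample, 203.0.113.7 is blocked on its third failure, rejected an hour later, and allowed again once the three-hour block has lapsed, which limits the collateral damage to a later holder of the same address.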
