Website Hacked

Shams

Good Day,
This is the second time in the last 2 months that 2 different websites of my clients have been hacked. I'm sharing a few screenshots with you; maybe you have more info on these hackers. When the first website was hacked they changed the cPanel password too, but this time the hackers didn't change any password; they deleted all the files related to the website, so I think I have to recreate the whole website again, which will cost my client. Sorry, I forgot to mention: below is a screenshot of the website hacked today. I don't have any screenshot of the last hacked site, but the language they wrote in was Russian.

Share your ideas.
1). How to prevent and deal with these type of issues.
2). Security issues with shared Cpanel.
3). Best Hosting Provider.

je1MBhs.jpg


qOtk4cL.jpg
 
0
•••
Easy....
USE PASSWORDS AND USERNAMES THAT MAKE NO DAMN SENSE!
Use numbers, letters in both small and large caps, symbols.
At least 8 total, 12 is great, 16 is super!
EG:
Ub9@J)z>D3
For your cpanel, admins, anywhere you need to have passwords and usernames.

Also the same for twitter, facebook, etc.
 
2
•••
Same thing happened to my WP Cpanel website 2 weeks ago. Some Indonesian hackers. It was really frustrating because I had put way too much work into it and ofc never did a backup :(

My advice, and I am by no means an expert, quite the opposite: get a premium security plugin with 2-factor authentication, cross your fingers and remember to back up frequently.
 
2
•••
This incident wasted my whole day and they deleted all of my files, so I had to create the whole website again, but luckily I have a backup of the contents. Now it's working fine.
@iowadawg I always have a super difficult password for my main hosting account, but my client was using a dictionary word as a password. Mostly I'm using a different password for every site and 2FA where it's possible. I'm a professional and I know about these things, but the clients don't have any idea. So, they don't understand these types of things until it happens to them.
Thanks for your great advice.

@domsforsale You are right about 2FA. It prevents many incidents.
 
1
•••
I am sorry to hear that.

Assuming you are using WP, my advice would be:

- Using themes from a trusted provider that updates them constantly
- Using plugins from trusted providers; avoiding those that open your site to vulnerabilities
- DO NOT use Visual Composer
- Choose your hosting provider carefully ( PM me )
- 2FA for admin access
- Antispam Shield
- Back up

never did a backup

Your hosting company should have one.
 
3
•••
@photonmymind I'm using Blu****t as hosting provider since 2007 and I don't like them, but I'm stuck with them because I have 70+ clients on my Reseller account and now it's approximately impossible to change them. I know I can transfer my files from 1 hosting to another, but I have an issue with emails. Most of my clients have 10GB+ of email data.
 
0
•••
@photonmymind I'm using Blu****t as hosting provider since 2007 and I don't like them, but I'm stuck with them because I have 70+ clients on my Reseller account and now it's approximately impossible to change them. I know I can transfer my files from 1 hosting to another, but I have an issue with emails. Most of my clients have 10GB+ of email data.

Then you know where your problem resides (most likely). You are using one of the worst hosting companies on the market (used by many only because of the high affiliate commissions they pay...).
It was a decent one some time ago, but since it was acquired by EIG everything went down the drain, like with all the others they have acquired.

If you are stuck there then you have to inform your clients about password security, 2FA etc. Otherwise I guess you will have to start using a new hosting company from now on for the upcoming projects.
 
0
•••
10+ GB in email data sounds like a big headache for a server admin. If I were you, I'd help my clients clear that old email off the server (and maybe over to a Gmail account) in the name of protecting their privacy and security.
 
0
•••
If you are stuck there then you have to inform your clients about password security, 2FA etc. Otherwise I guess you will have to start using a new hosting company from now on for the upcoming projects.
Unfortunately they don't have 2FA.

10+ GB in email data sounds like a big headache for a server admin. If I were you, I'd help my clients clear that old email off the server (and maybe over to a Gmail account) in the name of protecting their privacy and security.
I'm doing that already. Clearing all the emails older than 15 months.
 
0
•••
Unfortunately they don't have 2FA.

What I meant is to add a plugin to WP sites that forces two-factor authentication: to log in you have to input your password and a 6n PIN.
That can be done regardless of what hosting company you are using.
 
2
•••
What I meant is to add a plugin to WP sites that forces two-factor authentication: to log in you have to input your password and a 6n PIN.
That can be done regardless of what hosting company you are using.
Okay, good idea. I'll implement that on all the accounts.
 
0
•••
Impartial here....Bluehost is decent.
Used them back in the day.
Now with WordPress?
.htaccess file, allow only the IP of the user.

And does not WP already have that?
Where to log in you have to have username and password?
Or am I missing something here?
 
1
•••
Impartial here....Bluehost is decent.
And does not WP already have that?
Where to log in you have to have username and password?
Or am I missing something here?

With 2FA they also send you a PIN to your mobile, which you use together with your password. Needless to say, each time you log in they send you a different one. But in order to implement 2FA you need to install a plugin that does that, because WP doesn't have this by default.
 
0
•••
Your hosting company should have one.

I will look into that. I didn't know that they back up websites' data by themselves. I thought that since I am doing all the work with WP I should manage my data backup manually.
 
0
•••
I have been in this business for almost 25+ years; information security is my bread and butter. I make it harder for the bad guys to hack my systems so they move along.
From corporate cyber security and pen testing to small business websites.

Remember.
Security is a process not a product.

You need to have a reliable web hosting company (Moscom.com) and apply layers of security measures e.g. Two factor authentication, manage security, patches, automatic backup, etc.

Drop me an email if you need assistance EM @QUE.com

Have a nice day.
EM
 
0
•••
That's horrible!
 
1
•••
You need to have a reliable web hosting company (Moscom.com) and apply layers of security measures e.g. Two factor authentication, manage security, patches, automatic backup, etc.

Thanks for your suggestion. I just want to clarify one doubt: I think Moscom are resellers, not a self-hosting provider.
 
0
•••
The language in the pictures that you uploaded is not Russian, it is Turkish.

First, it all starts from outdated plugins and themes, or from vulnerabilities to attacks in themes or plugins, so update all the theme code and WordPress itself to the latest version.

Check the main known vulnerabilities here: http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/

Install a plugin to scan for problems like this: https://ro.wordpress.org/plugins/plugin-vulnerabilities/

Disable Theme and Plugin Editors from WordPress Admin Panel : http://www.wpbeginner.com/wp-tutori...nd-plugin-editors-from-wordpress-admin-panel/

Install a plugin like BulletProof Security: https://ro.wordpress.org/plugins/bulletproof-security/

Create at least weekly backups of all accounts' files and databases.

Even with a backup you already have, it is possible that the files are already infected, so you must clean the theme beforehand to be sure that it does not have bugs inside:

http://www.hongkiat.com/blog/wordpress-plugins-detect-malicious-codes/

 
1
•••
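One way to check a restored backup before putting it back online, as the post above advises (an added example, not from the thread or from any of the linked plugins). The function names, the marker list and the sample tree are constructed for illustration; the markers are heuristics that also appear in some legitimate plugins, so every hit needs manual review.

```python
import os
import re
import tempfile

# Heuristic markers of injected PHP; hits are leads for review, not verdicts.
SUSPICIOUS = {
    "eval-of-decoded-data": re.compile(
        rb"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "long-encoded-literal": re.compile(rb"['\"][A-Za-z0-9+/]{400,}={0,2}['\"]"),
}
EXEC_EXT = (".php", ".phtml", ".php5", ".phar")

def scan_backup(root):
    """Return sorted (relative_path, reason) pairs for files worth inspecting."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(EXEC_EXT):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            # Uploads should hold media only; executable PHP there is a red flag.
            if rel.startswith("wp-content/uploads/"):
                findings.append((rel, "php-in-uploads"))
            with open(full, "rb") as fh:
                data = fh.read()
            for reason, pattern in SUSPICIOUS.items():
                if pattern.search(data):
                    findings.append((rel, reason))
    return sorted(findings)

def demo():
    """Scan a small constructed tree (harmless placeholder content)."""
    samples = {
        "index.php": b"<?php require 'wp-blog-header.php'; ?>",
        "wp-content/themes/demo/functions.php":
            b"<?php eval(base64_decode('cGxhY2Vob2xkZXI=')); ?>",
        "wp-content/uploads/2017/05/image.php": b"<?php echo 'sample'; ?>",
        "wp-content/uploads/2017/05/photo.jpg": b"\xff\xd8\xff",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(body)
        return scan_backup(root)

if __name__ == "__main__":
    for path, reason in demo():
        print(f"{reason:22} {path}")
```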
Thanks for your suggestion. I just want to clarify one doubt: I think Moscom are resellers, not a self-hosting provider.

Yes, that's correct, but you save a lot of website management, e.g. backup, WP core updates, etc. You still need to apply other layers of security to harden it.
 
1
•••
A reliable hosting company, 2FA and constant backup are the key.

I'll recommend HostDime for your hosting services; they've been reliable and they always keep backups of all my sites (even though I keep backups too). And most importantly, their support has been superb.
 
0
•••
I'll recommend HostDime for your hosting services,
Thanks, I made contact with them in live chat and indeed they are wonderful. Even though their plans are costlier than any other hosting provider's, I believe it's worth it if we have this kind of quick support.
 
0
•••
If you work with WP there is really one hosting provider you want to be with.
Traffic Planet Hosting.
Amazing speed, reliability and a support that is blazing fast ( average response time 20 min )

Another good one is SiteGround or, if you are a freelancer/web designer/web agency then GetFlyWheel

If I had to recommend a hosting company non specific for WP I would say InmotionHosting.
 
0
•••