Wordpress hacked multiple times

wordpress

#1

I’ve had the link injection hack on my wordpress installation multiple times similar to what is described here: http://wordpress.org/support/topic/261886?replies=25

however, I keep changing my passwords and installing security plug ins but it keeps happening. Is it possible that this is a dreamhost security issue and not my issue? Is anyone else having this problem?


#2

Have you deleted all the files from your wordpress installation (except for wp-config.php and the wp-contents folder) ? Do that, download wordpress again and do a fresh install. Delete your wp-contents/plugins and re-install all plugins. Make sure there are no dropped .php files in wp-contents and its sub-folders which might provide a backdoor. Change the MySQL Passwort, your Wordpress user passwords and for securities sake even your shell/ftp password. Change your passwords after you are sure there are no .php files in wp-content/ except your newly installed plugins (from the original source, re-download them). Do you have any other scripts on your account (besides Wordpress) which might have security hole? Also make sure that none of the plugins are the point of entry and install the latest versions.

You can also check your Apache logs if there is any suspicious activity and find the point of entry in them.

Jan

Promo-Code: [color=#CC0000]SAVEMONEY97[/color] - Save [color=#CC0000]$50[/color] on your first year of hosting.
Get more promo codes here