Due to people who have nothing better to do than attempt to hack websites, I have deleted all my subscribers and implemented new security protocols. If you were a legitimate subscriber (i.e. a real person), my apologies, please sign up again.
Was the message I had on my site for weeks after getting my site back on. This is a testimate to some hard research, often WordPress users conflict with their information or suggestions and then there are the Apache groups, the ones usually with the “good stuff” for hacking any site, not just scripts for out of date plugins and themes.
It took me nearly 6 weeks of just research to learn about the vulnerabilities and try them myself against demo WordPress sites. I am talking about the ‘Core’, the ‘Plugins’, & the ‘Themes’. Using Google to search the web for me for targets, I then played with some of the scripts that like to expose WordPress. Of course any other site other than my own, I got permission and offered to build a strong boarder around their website install and not around WordPress.
This gave me lots of experience especially since it took a lot longer, for me that is, not a hacker…. to find a willing person with a typical Apache server and fire-walled hosting company. Let’s just say if their lights were connected to their alarms, it would be Christmas and that’s just in the hosting company firewall, never made it to the Apache server…..like I said, I am not a hacker, but I know what to look for…now.
So back to what my purpose was… My Site Got Hack, I Got Pissed, I didn’t Do a Backup (slap face), I did have most of my content saved in various places (nightmare). I had to use the ‘Internet Archive‘ to find the rest of my content…which is SLOWLY making it’s way to this site…..maybe 😉
I looked in to someone else helping to secure the site, but they just recommended more WordPress plugins… you see, most of those don’t work… good hackers start at the server, so WordPress, must ‘bootup’ when accessed by the internet and by then it’s too late, it’s effectively in the Operating System, which infect the Application (WordPress). – These will be reviewed on my company site of SoCalCreations.net
In looking for other solutions, I found guys that ‘fix’ WordPress sites, that is to say upload the code to your site again, okay maybe a bit more, but not much. Then they charge you between $50 and $150, I have seen some up sell packages with ‘security’, ‘auto-backup’, ‘auto-updates’, and ‘maintenance’ plans all the way up to $450 per month…..PER MONTH… WOW!
When I found out how easy it was, okay after 8 weeks of studying and another 7 or 8 weeks practicing for application learning, trying to explain why “I’m Doing It”……ahhhh then it became easy.
Don’t get me wrong, it has a lot of processes and layers, not to mention a few outside verification sites….and maybe about 2-3 hours per site, depending on email….
Viola! Site Secured.
Remember the starting message….it was on the main page of my site, this site, for nearly 3 months while I hammered away on social media, meetup groups, online forums and many other places people (script kiddies & hacker) would be likely to be.
So Now I have added this to my Companies Site as a helpful & preventative measure for your site…
Link coming soon!
KEEP IN MIND: NO SITE and I MEAN NO SITE is 100% penetration proof, so anyone telling you they have a guarantee, they better be doing malware detection, backups and updates of your site along with it!
Latest posts by William Burdine (see all)
- 12 Rules for Life: An Antidote to Chaos - 2018/01/30
- Attitude of Gratitude! What are you grateful for? - 2016/11/21
- New Classes For Renatus! - 2016/10/23
- Nathan Tabor – Multi-Family Fix & Flip - 2016/10/23
- Becoming a better man, no tomorrow, steps for today - 2016/07/23