After my WordPress website was hacked, this is how I fixed it with the Wordfence plugin and cleaned up the malicious files. Find more at tonyteaches.tech Check out my vlog channel @TonyFlorida
Tony my dude, you are amazing. I've recently started developing custom wordpress themes and hosting with vultr vps. Learning is still a large part of my day to day and you are my go to when it come to any questions I might have. Would love to see more videos about both front and backend security! Thank you for making developer oriented content, looking forward to more videos.
Thanks Kevin for watching. Here to help if you have any questions. I have this video specifically about WordPress security ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-s3WGgmj4bxE.html and I'm currently working on a Ubuntu/Linux security video. Keep learning!
if you have a static IP then lockdown your login and admin areas by limiting access to your ip. if not use something like cloudflare access to add an extra layer of protection to those areas. also double check your installed plugins as there have been a plethora of plugin vulnerabilities this past year so that could’ve been an entry point as opposed to your credentials.
Great video! When Wordfence shows virused file indications and asks if I want to delete them, how do I know if it’s safe when I don’t have developer skills as sophisticated as yours?
Thanks for the video, but unfortunately it didn't solve my issue. My website have some unknown pop-up showing for crypto sales or mint nfts. i dont know why is that happening, i have already delete the old user and created new user, deleted bunch of plugins, also done the wordfence scan and it caught few malware, removed and fixed them. but after all that still that pop-up showing every time i visit my site no matter with different browsers or from other IP addresses. do you know what causing this? any help will be highly appreciated. thank you!
Hey Tony would you suggest Using wordfence as permanent security solution cuz I have heard it harms site Speed and performance. currently I just use strong password, 2fa, Cloudflare, server Side 7G FIREWALL.
I've also heard that security plugins slow down Wordpress performance. This makes sense because the services needs to run in the background to monitor things. I''m currently testing it out as a permanent solution on a few of my sites, so I'm not 100% sure yet. It seems like your security setup is good, probably better than most :)
Same here dude luckily enough i just got mine recover back with the help of a professional expert! Called LYFT_TECHZ he helped me a lot when i was desperate and i think he can help you too, i suggest you send him a request.
Same here dude luckily enough i just got mine fixed back with the help of a very reliable and professional expert! Called LYFT_TECHZ he helped me a lot when i was desperate and i think he can help you too, i suggest you send him a request
Today I was trying to log in my word press admin then I come to the log in page and I put my log in information but it did not work, at that moment i figured out that i came to fake login site after That come to the right Wordpress log in page i clicket on lost my password it asked me to put my email/gmail. That I created my Wordpress with when put that on the field , surprisly the page couldn’t recognise my gmail so i gussed the hacker from the fake login site changed the informations to his! I feel so silly right now! Anything I can do please?
I got a notification that someone added 3numbers to my Gmail account then I saw that from that 4 numbers 2 numbers are mine and the other two numbers are unknown numbers but when I deleted one number the other number was deleted automatically then I checked login devices but got nothing there then I just changed my password.So now my question is should I use that Gmail I'd or not ....?
@@satishkumarojha5377 you should be okay to use your email account. YOu haven't reused the password anywhere else, have you? If so, you'll want to also change those passwords
my website was hacked by a group called aslan neferler tim they destroyed my website and changed the homepage to an army kind of wallpaper with ISIS tune in the background, i did had a back up a few months back so i asked my hosting service to reset the entire cpanel and restore the back up, and after that i installed a plugin called iTheme Security. Things are back to normal now, thank god they didn't add fake urls like yours because those would be a bitch to remove.
and also im sure i was hacked because my password was lowercase letters with 2 alphabets, now i changed it to 16 digit alphanumeric including special characters.
Do you know why they hacked you? If it wasn't to hijack and control your website? (Log you out and give themselves admin privileges). What would have those 404 web pages have done? Collected data from people who visited them?
You know, I'm not sure. There was nothing valuable on the website like user information. Perhaps in some of the pages there were backlinks to their websites which could in theory boost their search engine rankings.
