Help! Website Problem

[Generic]

I'm using Wordpress. It's up to date. All my scripts are up to date. Website provider is saying that someone has exploited my website for spam.. but I don't know how to find the script.
It happened before. I clean up the website. Cleared up everything. Change the website password. Got rid of the scripts that I found, etc. But it's happened again. I don't know what to do? Where to find an expert better than me to find this and clear this up. Any ideas?

 

[Arks]

OUCH! Wish I could help.
Just wanted to mention that there was a WP security problem months ago where they were breaking into any WP account that still uses the default username "admin" to control their account. In addition to changing the password, also change your username, if you haven't already.
http://www.inmotionhosting.com/support/website/wordpress/change-wordpress-admin-username-for-security

 

[Generic]

OUCH! Wish I could help.
Just wanted to mention that there was a WP security problem months ago where they were breaking into any WP account that still uses the default username "admin" to control their account. In addition to changing the password, also change your username, if you haven't already.
http://www.inmotionhosting.com/support/website/wordpress/change-wordpress-admin-username-for-security.

OUCH! Wish I could help.
Just wanted to mention that there was a WP security problem months ago where they were breaking into any WP account that still uses the default username "admin" to control their account. In addition to changing the password, also change your username, if you haven't already.
http://www.inmotionhosting.com/support/website/wordpress/change-wordpress-admin-username-for-security

Changed that the day I installed. I don't know how they got in, but at one time there was an FTP account. Deleted that. All passwords on the account are generated using LastPass and are at least 10 characters long with symbols.
This is definitely via script. I've asked the NOC for help. I'm really USCWAP at the moment.

 

[EmptyNest]

Sorry wish I could help but scripting crap is beyond me. Ask you hosting company to help you. Isn't that why you pay them? That admin thing was ages ago. Anyone doing a new site should NEVER use admin. and also REMOVE WP from your copyright in sub footer. AND..remove META / LOGIN from footer if you have one. Give no means of access.
I use BRUTE Pro Tect plugin and sometimes askimet
Check these sites from WP
If your site is hacked, you need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

 

[Generic]

Sorry wish I could help but scripting crap is beyond me. Ask you hosting company to help you. Isn't that why you pay them? That admin thing was ages ago. Anyone doing a new site should NEVER use admin. and also REMOVE WP from your copyright in sub footer. AND..remove META / LOGIN from footer if you have one. Give no means of access.
I use BRUTE Pro Tect plugin and sometimes askimet
Check these sites from WP
If your site is hacked, you need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/.

I have BruteProtect installed.
The site is back up. Found five files that had malware. Were hidden in directories. But it's a PITA. I saw a few sites like stopthehacker.com that I might end up subscribing to, if this continues.

 

[An Old Tavernkeeper]

OUCH! Wish I could help.
Just wanted to mention that there was a WP security problem months ago where they were breaking into any WP account that still uses the default username "admin" to control their account. In addition to changing the password, also change your username, if you haven't already.
http://www.inmotionhosting.com/support/website/wordpress/change-wordpress-admin-username-for-security.

OUCH! Wish I could help.
Just wanted to mention that there was a WP security problem months ago where they were breaking into any WP account that still uses the default username "admin" to control their account. In addition to changing the password, also change your username, if you haven't already.
http://www.inmotionhosting.com/support/website/wordpress/change-wordpress-admin-username-for-security

Changed that the day I installed. I don't know how they got in, but at one time there was an FTP account. Deleted that. All passwords on the account are generated using LastPass and are at least 10 characters long with symbols.
This is definitely via script. I've asked the NOC for help. I'm really USCWAP at the moment.
.

It is possible it may not be WP, though it most likely is.
We stopped using Last Pass because that was were we were being password hacked. So to be safe change your LastPass password too. Then look for scripts or an alternate shell on your local device.
Better safe than sorry. We lost everything, so we abandoned WP and Webervations/Rezo, moved to SqSp with ResKey and now we just let Barracuda Networks manage everything.

 

[Generic]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures

 

[EmptyNest]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

Your hosting company should be provide the major prevention. And you could install a few simple plugins yourself which he probably did. Wordfence for one.

 

[happykeeper]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.

 

[Generic]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

Your hosting company should be provide the major prevention. And you could install a few simple plugins yourself which he probably did. Wordfence for one.
.

They do have SOME. In fact, when they tried to send SPAM out, it locked up the website after sending a few, so they weren't successful. BUT, they didn't have all. He did install some plugins for malware, security, etc. (Yes, including Wordfence) But he also made some other changes and found out which plugin was responsible for the leak. And one script that I hadn't found.
For the few bucks that I paid, I'm very happy.

 

[EmptyNest]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.

 

[2cat_lady]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks for the link. I'll definitely try a few of these suggestions.

 

[Copperhead]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!

 

[EmptyNest]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!
.

Here's another interesting link about web design trends.

 

[Morticia]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!
.

Here's another interesting link about web design trends.
.

So many things you dislike! Scrolling forever, centered type, no color.

 

[EmptyNest]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!
.

Here's another interesting link about web design trends.
.

So many things you dislike! Scrolling forever, centered type, no color.
.

Yes I know..but I belong to a developers group who is slowly turning me around

We'll see if they succeed. I doubt it.

 

[Morticia]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!
.

Here's another interesting link about web design trends.
.

So many things you dislike! Scrolling forever, centered type, no color.
.

Yes I know..but I belong to a developers group who is slowly turning me around

We'll see if they succeed. I doubt it.
.

Yes I know..but I belong to a developers group who is slowly turning me around

We'll see if they succeed. I doubt it.

 

[EmptyNest]

Just an update. My sister suggested that I try Fiverr to find someone to secure my website. And I did. Guy did a great job. So I thought it was only appropriate to give him a shoutout in case anyone else wants to make their Wordpress site more secure. https://www.fiverr.com/cerontek/secure-2-wordpress-sites-from-hackers-with-176-rock-solid-security-measures.

So I wonder if it includes stuff I haven't done. I always get a little itch when I see that message about someone being locked out for trying to access by using admin.
.

That means it is working While I am here rather than start a new thread..since it is web site related.... I will add a link I just read. You may find it helpful. It is for FB engagement.
.

Thanks E!
.

Here's another interesting link about web design trends.
.

So many things you dislike! Scrolling forever, centered type, no color.
.

Yes I know..but I belong to a developers group who is slowly turning me around

We'll see if they succeed. I doubt it.
.

Yes I know..but I belong to a developers group who is slowly turning me around

We'll see if they succeed. I doubt it.

.

See if this helps anyone understand SEO any better.

 

[ozette]

If you have a Wordpress site you will want to install this plug-in for check your site for spam and hacking -> https://wordpress.org/plugins/sucuri-scanner/ it can also block hackers from getting in.