Virus-Spam when installing WordPress

WordPress installer with virus…

Will there be any anti-virus support, an anti-virus plugin like it’s done in other panels?


First of all, there is no need to post nudes here. We understand that your website got infected. Or blur the image before posting to a public official forum.

The second part of my answer is related to WordPress and viruses.
In short: there is no easy solution against hacks. There is no need to blame others, or to shift the responsibility for administrating and managing your own WordPress installation from yourself to the control panel developers. It does not work like that. The people who own the server and provide services to people, and who own the website, are responsible for the content inside the website. Not the CP devs.

How to minimize the risk of being infected?

Easy solution: pay for a paid WAF (Web Application Firewall) with good filters for your WordPress installation.

For example: https://sucuri.net/website-firewall/

Yes, it will not close all security holes and issues with your website, but it will filter all potentially dangerous requests to your website, and will keep your website safe with a much higher chance than without a WAF at all. If your websites get infected frequently, it’s time to think that you are doing something wrong. Maybe you need to consider purchasing a WAF and check how it goes.

Not easy solution:

  • Manage your website & server.

Yes, this is extremely hard, yes, this requires a lot of time, yes, this is painful, and you need to know a lot of small details about how to do it properly. That’s why there are educated people who do that for money. Hosting a website in an extremely dangerous environment, where everyone wishes to hack your website to abuse it and use it for pornography and other scams, while you’re not familiar with the basic steps of how to protect yourself in this environment, is a bad idea. And again, this is about shifting responsibility from yourself, or your client who owns the website, to the control panel. I.e. it is easier to blame someone else for your fault than yourself.

Where to start the learning curve on how to properly organize everything to minimize potential hacks against your website?

You must start with 4:

  • backups
  • monitoring & alerts
  • frequent updates of outdated plugins/WordPress
  • don’t use any nulled shit (nulled themes, plugins, etc.)

Usually this is more than enough.
I’ve seen many people who said: “I dunno what happened, my website got hacked”.
And when I opened the plugin list with wp cli, I found maybe 80% of the plugins were paid ones, and nulled, and the same for the theme. How the heck should such a website be safe when it already has tons of exploits inside from nulled plugins / themes?

When you have regular backups (incremental) and you can easily return to any day in time from the beginning of hosting your website, it greatly helps to find most of the issues with the website, and to roll back to any point in time when everything was good.

Monitoring is required to check your CPU / RAM / network usage, with alerts when something suspicious happens. For example, on your screenshots above, some video files were uploaded. If you had properly configured monitoring, you could in theory get a notification that you have a traffic spike, and immediately react and turn off the server. One example of monitoring that can help with that is called https://www.netdata.cloud/

Plus there are infinite possibilities to implement different bash scripts that will check your WordPress installation folder and track new files uploaded, or track which files changed (git init in the folder of your WordPress installation, for example).

Also, I recommend starting to read OWASP resources.
You can start with something like this one: https://owasp.org/www-pdf-archive/WordPress_Security_Implementation_Guideline_-_OWASP_Romania_InfoSec_Conference_2014.pdf

and https://owasp.org/www-chapter-ghana/assets/slides/Niiankrah_owasp_nov_18.pdf

2 Likes
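The file-change tracking suggested in the reply above, as an added example that is not part of the original post and not Hestia code: it records a SHA-256 manifest of the WordPress docroot and later reports new, changed and deleted files. The function names and the sample tree are hypothetical and constructed; GNU find, sort, xargs and sha256sum are assumed.

```bash
#!/bin/sh
# Added example. Function names and paths are hypothetical.
# Keep the manifest OUTSIDE the docroot so a web-level compromise cannot rewrite it.

# Record "sha256  ./path" for every regular file under docroot $1 into manifest $2.
wp_baseline() {
    ( cd "$1" && find . -type f -print0 | LC_ALL=C sort -z | xargs -0 -r sha256sum ) > "$2"
}

# Compare docroot $1 with manifest $2. Prints NEW/CHANGED/DELETED lines and
# returns 1 when anything differs, so cron or a monitoring agent can alert on it.
wp_compare() {
    local now findings
    now=$(mktemp)
    wp_baseline "$1" "$now"
    findings=$(awk '
        FILENAME == ARGV[1] { old[substr($0, 67)] = $1; next }  # 64 hex + 2 separator chars
        { p = substr($0, 67); seen[p] = 1
          if (!(p in old)) print "NEW " p
          else if (old[p] != $1) print "CHANGED " p }
        END { for (p in old) if (!(p in seen)) print "DELETED " p }
    ' "$2" "$now" | LC_ALL=C sort)
    rm -f "$now"
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: a tiny fake docroot, then a PHP file dropped into uploads,
# an edited wp-config.php and a removed core file.
wp_demo() {
    local root manifest rc
    root=$(mktemp -d); manifest=$(mktemp)
    mkdir -p "$root/wp-content/uploads" "$root/wp-includes"
    echo '<?php // config' > "$root/wp-config.php"
    echo '<?php // core'   > "$root/wp-includes/version.php"
    echo 'image bytes'     > "$root/wp-content/uploads/logo.png"
    wp_baseline "$root" "$manifest"
    echo '<?php // unexpected' > "$root/wp-content/uploads/x.php"
    echo '// appended line'    >> "$root/wp-config.php"
    rm "$root/wp-includes/version.php"
    wp_compare "$root" "$manifest"; rc=$?
    rm -rf "$root" "$manifest"
    return $rc
}

if [ "${1:-}" = demo ]; then wp_demo; fi
```

For core files alone, WP-CLI's `wp core verify-checksums` performs a comparable check against the official WordPress checksums; the manifest approach also covers uploads, themes and plugins.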

Thank you for your reply, but you must understand that I have not uploaded anything to the website. I just used the installer in the Hestia admin panel; this means that Hestia itself has security problems.

We just pull the source from WordPress; I’m not aware of any issues right now. PS: redacted links.

2 Likes

Upload the access.log & error.log of the infected domain here.

1 Like

Just did a fresh test installation, no issues at all - probably a local problem - provide more information.

3 Likes

PHP Antimalware Scanner

  • We tried it for testing … It has a lot of false positives…

We download WordPress via WP-CLI. So if there is something wrong with it, you need to check there…

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.