Clean It Up
UK Window Cleaning Forum => Window Cleaning Forum => Topic started by: Dave Willis on February 13, 2017, 04:07:18 pm
-
Has hacked my website - why do these berks do it?
-
Might be that IT expert who caught you taking photographs of his front door! ;D
-
Can letshost restore it from a backup for you? It was OK in October:
https://web.archive.org/web/20161003015733/http://frames-to-panes.com/
-
I like the new one.
-
Nat, I have emailed you. I haven't a clue how to restore it or prevent another hack. But well done for spotting this thread, I thought you'd retired!
I have emailed Letshost , see what happens
www.frames-to-panes.com
-
Nothing came through Dave - info@avondhu-internet.com is my addy - can you send again?
Pop over your letshost login details too - if they have a backup vault I might be able to get it sorted for you straight away. Their support has gone very slow!
-
Its sorted for now - make sure they beef up your security though to stop it happening again!
-
Top man Nath. ;)
-
I should also mention - anyone with a WordPress website should update to the 4,7,2 release NOW - - a big vulnerability was announced (after the fix was released) last week - and every wannabe hacker on the planet seems to be taking advantage of sites that haven't been updated. Over 100,000 hacked in the last week according to recent reports!
-
Good on u Nat
-
Thanks Nat, some of it is back but some looks to be missing. Can't remember what exactly.
-
It's nice to put a face to the name. :)
Glad your back up and running atleast. Even if there's some that they have deleted.
-
I should also mention - anyone with a WordPress website should update to the 4,7,2 release NOW - - a big vulnerability was announced (after the fix was released) last week - and every wannabe hacker on the planet seems to be taking advantage of sites that haven't been updated. Over 100,000 hacked in the last week according to recent reports!
Thanks for the heads up Nat. All updated now...
-
http://panel-clean.co.uk/0x0-html/
-
2 sites hacked. All restored though.
-
2 sites hacked. All restored though.
At least they made it obvious.lol
Glad you got it sorted.
What did you have to do to sort the sites out?
-
They just wrote a couple of crappy posts on the affected Wordpress sites. Just deleted them.
-
I should also mention - anyone with a WordPress website should update to the 4,7,2 release NOW - - a big vulnerability was announced (after the fix was released) last week - and every wannabe hacker on the planet seems to be taking advantage of sites that haven't been updated. Over 100,000 hacked in the last week according to recent reports!
do u update the ones you have built .... such as mine for example ;D
-
Which one is yours again? I always get confused between real names & forum usernames!
I've literally thousands of sites I've built over the years, so it'd be impossible to update them all - but if anyone ever asks me to make changes, add blogs etc, I update every site I work on every time I visit it.
-
www.zecs.co.uk
-
Yep - yours is updated. :)
-
My site sorted thanks Nat, Letshost emailed to say there was nothing wrong with it today ............. and if they were to restore it would cost fifty euros! Which is odd as it's their security that lets it get hacked surely?
-
Did they mention changing passwords etc and updating security?
-
@Dave they will say that as you have left the site created in wordpress unpatched which is nothing to do with them.
Worst case scenario for all you know the site when hacked could have been loaded with a trojan which tries to infect other devices that visit the site and/or they try to steal your identity with key loggers etc.
Nat, a site may look ok but how do you know for sure there is no malice code been left there?
-
You can check the "Revisions" feature of your pages and posts to see if anything was added in the last few days that wasn't added by you - if it was, roll back to an earlier revision.
To be clear though - this only affected Wordpress 4.7 and 4.7.1 - older releases were safe, and 4.7.2 is now secure again.
https://wptavern.com/wordpress-rest-api-vulnerability-is-being-actively-exploited-hundreds-of-thousands-of-sites-defaced
-
I suppose a sure fire way to find out is when google blacklist your site. Then the real fun begins lol
-
Did they mention changing passwords etc and updating security?
They didn't mention anything other than the fifty euros. I guess by the time they checked you had restored it for me. To be honest I'd have let the site go for the fifty euro charge.