My site KEEPS getting hacked

By +Nik Louch
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

+Nik Louch Subscriber²

Posted
  • Subscriber²
Posted

I have my own shared webhosting provided through UKHost4u... I host a wordpress blog on there. It keeps getting hacked. I've changed all passwords, etc. Wiped the space clean, reinstalled over 3 times now.

The recent reinstall was a few days ago. I slapped a theme on but haven't had chance to post yet.

And BAM it's got another damned JavaScript injection.

I hosted previously under another provider and no such issues.

I have spoken to the hosts, and they say that it's basically not their issue.

Can someone help, gimme an idea whats going on? I'm at my witts end over this...

www.brandbeast.co.uk

Link to comment
https://www.neowin.net/forum/topic/1112071-my-site-keeps-getting-hacked/
Share on other sites
Grand Master

+Ryster Subscriber²

Posted
  • Subscriber²
Posted

Setup your domain to use cloudflare... it adds an extra layer of protection by blocking connections from know hackers, spammers, etc. It also provides a cache of your site when your actual host is down. Best of all it's free :)

Not saying it'll 100% solve your problems, but it can't hurt.

More info:

http://www.cloudflar...atures-security

Grand Master

Noir Angel

Posted
Posted

Move to a host with support for mod_rewrite, it allows scripts to write files to those directories without them needing to be chmodded at 777 for full public access. Your host's security practises sound pretty poor

Grand Master

Noir Angel

Posted
Posted

In fairness, I don't fully know what I'm doing, they seems to offer a lot of things, but they just aren't being particularly helpful :(

If they had mod_rewrite it would be set up server side in PHP, it doesn't need to be configured independently by each customer :) I admit Linux isn't my strength but a good admin would be able to harden a Linux server against such exploits.

Mentor

cybertimber2008

Posted
Posted

Yea it's probably that. What OS are you using and what services do you have running (SSH, FTP, etc)?

If you are running Linux, set up a seperate partition for /var/www , and set it in /etc/fstab to mount read-only by default. When you need to add something, you run "mount -o remount,rw /var/www" to make it writable, and then "mount -o remount,ro /var/www/" when you are done.

That and there should be a guide on what folders should have what permissions set. You should take care to make sure those are set.

Proficient

Nexx295

Posted
Posted

Ask your host to install ModSecurity and/or Suhosin. ModSecurity is a web application layer firewall and Suhosin protects from insecure codes used by inexperienced PHP developers.

Another thing your host should do is to run PHP in suPHP or FastCGI mode so the hackers can't make use of insecure file and folder permissions.

It seems like you have some vulnerable plugins/themes, so ask your host to do a maldet scan for your account, provide you with a list of infected files and then search the access logs to see who the hacker is and how he was able to inject the infected files. You should also see in the logs the script that was exploited to inject the malware and then you'll know which plugin or theme you should remove.

If your host can't help you with this, then it's about time that you search for a more experienced and secure provider, preferably a CloudFlare partner so you can use CloudFlare to add an extra layer of security and speed up your website. If you need a recommendation which would fulfill the stuff mentioned above, I'd be glad to help.

Grand Master

Yorak

Posted
Posted

By chance, are you using a theme from a third party, or a paid one for free? Catch my drift?

If so, I guess they can be infected just like any other file that can be retrieved like that. If you are uploading the same theme each time and don't notice the problem until you upload it, then we probably have the answer. Just check the theme files out to see if they are infected. NOD32 gave me five separate warnings about your page. I'll have to check the logs to see what all it found.

Mentor

Gaffney

Posted
Posted

ukhost4u doesn't exactly look like the best host 22 out of 79 ratings on the google review of the site are 3 stars or under. I'm also doubting some of the reviews since 20 of them are duplicates and all of them are 3 or 4 stars. There is only one four star rating with a name attached and only 15 of the 40 5 star ratings have names attached.

I'm with stablehost(they have servers in Germany). They aren't the biggest but they have good ticket support, good server stats and the best thing about them for me is they are really reliable. I've only had to contact support twice since 10th July 2011 the last one being in January. One was my fault with importing a SQL table that went into a loop and they helped fix that problem, the other was one of their servers hardware started to crap out causing the site to go slow, they moved me to a new server. Really good prices as well so their name fits the bill.

I'm really skeptical after being on hostgator, sharkspace, dreamhost and two other small hosting sites. The big ones have dumb staff and their servers get problems often, the small ones usually have support issues since they usually only have a couple of people running it in their past time so when things go wrong it might take a few hours to get a ticket response. Stablehost is in the middle taking the best from both.

Not sure how stablehost deal with hack attempts though, my site's have been hacked before but not on stablehost. Could be they have tough defenses or no one has aimed at me in the last year or so.

If you fancy them click here

If not my advice is don't go with the big giants or one man shows.

Experienced

Ph1b3r0pt1c

Posted
Posted

Um, while I value the time u spent...

It did not say you had a virus, it said it blocked a javascript injection. Why is it ok to blame the host and not my securing of my site?

Because nothing anyone says here is going to fix it. This is up to the site admins and not you.

Grand Master

+Nik Louch Subscriber²

Posted
  • Author
  • Subscriber²
Posted

Site admins? Have you followed the thread? It's MY site. Sure it's on their servers, they host it, but I uploaded Wordpress, set it up, installed the theme and didn't lock anything down beyond the standard install...

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Millions of users to benefit from Windows 11's new performance boost on Adobe Photoshop

      By hellowalkman · Posted

      Millions of users to benefit from Windows 11's new performance boost on Adobe Photoshop by Sayan Sen Despite the advent of AI-generated imagery, Adobe's Photoshop remains one of the most popular tools on this planet. Adobe does not have a publicly reported total user count but it's probably not wrong to assume there are millions. As of 2025, Adobe Creative Cloud has had approximately 41 million paid subscribers, many of whom likely use Photoshop. In addition, more than 166,000 companies worldwide are apparently also using the app. These figures are according to a very recent report by SQ Magazine. Out of them, it is fair to assume that many are probably running Windows. As such, there is good news for these users as Microsoft has announced Photoshop is getting a big 20% performance boost on x86-64 (AMD64) systems and a 13% bump-up on Arm devices. This is definitely great news for them as many have complained about the slow performance and general sluggishness of Photoshop on Windows 11 ever since the advent of the latter back in 2021. If you are wondering how Microsoft managed to do this, the answer lies in a combination of compiler-level optimizations and a technology called Sample Profile Guided Optimization (SPGO). According to Microsoft, Adobe worked closely with the company’s Visual C++ team and adopted the latest MSVC toolchain enhancements together with SPGO to squeeze more performance out of Photoshop’s CPU-bound workloads. Unlike traditional Profile Guided Optimization (PGO), which requires developers to create special instrumented builds and run lengthy training workloads, SPGO gathers performance data directly from optimized release binaries. This means Adobe could collect real-world usage information which gives a major advantage to this technique, as companies could leverage data collected from actual customer workloads rather than only relying on synthetic benchmark runs. In theory, this should allow optimizations to better reflect how users interact with software in the real world. Thanks to this, there are improvements to code layout, function inlining, hot-and-cold code separation, and other low-level tweaks that help processors execute instructions more efficiently. Essentially the compiler is better able to identify “hot” code paths, those which are most frequently executed, and optimize them accordingly.
    • The 2TB Samsung 990 PRO NVMe SSD hits lowest price in over three months

      By fernan99 · Posted

      "The 2TB Samsung 990 PRO NVMe SSD hits lowest price in over three months¨ I'd prefer to see the lowest price in over a year
    • The 2TB Samsung 990 PRO NVMe SSD hits lowest price in over three months

      By sphbecker · Posted

      Glad these prices are starting to come down, but that is still crazy. I bought the 2TB 9100 Pro (slightly more expensive version with PCIe 5.0) last year for $240.
    • The 2TB Samsung 990 PRO NVMe SSD hits lowest price in over three months

      By hellowalkman · Posted

      The 2TB Samsung 990 PRO NVMe SSD hits lowest price in over three months by Sayan Sen Yesterday, we covered a really good deal wherein you can get a 4TB TeamGroup T-FORCE G50 NVMe PCIe Gen4 SSD for a low price of just $400 with a special discount coupon. That's just $100 per TB, making it a very good offer during these hard times. The deal is still live, so you can check it out in its dedicated article here if you do not want to miss out. Meanwhile, if you don't have that kind of budget but still wish to buy an SSD for a good price, the 2TB variant of the TeamGroup SSD at $280 its lowest price in over three months. Meanwhile, those seeking 2TB but faster performance can check out Samsung's 990 PRO, which has hit the lowest price also in the last quarter or so, as it's on sale for $370 (purchase links under the specs table down below). Thus, you want a faster drive, get the 990 Pro, or you want more capacity, grab the TeamGroup 4TB linked in the first para. The 990 PRO is a PCIe Gen4 NVMe SSD and still one of the fastest drives available today for under $500. Speaking of fast, sequential reads and writes are rated at 7450 MB/s and 6900 MB/s, respectively. The random throughputs for reads and writes are 1400K IOPS and 1550K IOPS, respectively. The 990 PRO is based on Samsung's 7th Gen V-NAND flash, and it too is TLC. It packs 2 gigs of LPDDR4 DRAM cache, which helps the random performance. The endurance rating for this is 1200 TBW (terabytes written), which should be sufficient for most users. The Samsung 990 PRO is compatible with the PlayStation 5, but if you are going to use the 990 PRO on a PC, check out the Samsung Magician app that lets you track your drive's health, update its firmware, customize various settings, and more. The tech specs are given below: Specification TeamGroup T-FORCE G50 2TB Samsung 990 PRO 2TB Interface PCIe 4.0 x4, NVMe 1.4 PCIe Gen 4.0 x4, NVMe 2.0 Form Factor M.2 2280 M.2 2280 Controller InnoGrit Controller Samsung In-house Controller NAND Flash 3D TLC 3D TLC DRAM Cache None (HMB supported) 2GB LPDDR4 Sequential Read (Max) 5,000 MB/s 7,450 MB/s Sequential Write (Max) 4,500 MB/s 6,900 MB/s Random Read (4K) Up to 600,000 IOPS Up to 1,400,000 IOPS Random Write (4K) Up to 700,000 IOPS Up to 1,550,000 IOPS TBW (Endurance) 1,300 TBW 1,200 TBW MTBF 3,000,000 hours 1,500,000 hours Operating Temperature 0°C to 70°C 0°C to 70°C Storage Temperature -40°C to 85°C -40°C to 85°C Shock Resistance 1,500G / 0.5ms 1,500G / 0.5ms Heatsink Patented Graphene Heat Spreader No Get them at the links below: Samsung 990 PRO SSD 2TB (MZ-V9P2T0B/AM): $369.99 (Sold and Shipped by Amazon US) TEAMGROUP T-Force G50 2TB SSD (TM8FFE002T0C129): $279.99 (Sold by TeamGroup, Shipped by Amazon US) Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.
    • Major Xbox layoffs may claim South of Midnight developer Compulsion entirely

      By PeterTHX · Posted

      If you can't spell a simple word that 2nd graders learn, your entire argument is suspect.

  • Recent Achievements

    • First Post
      Jocimo earned a badge
      First Post
    • Week One Done
      suprememobiles48 earned a badge
      Week One Done
    • One Month Later
      Windows Guy earned a badge
      One Month Later
    • One Month Later
      Prasann earned a badge
      One Month Later
    • Week One Done
      Prasann earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      519
    2. 2
      +Edouard
      174
    3. 3
      PsYcHoKiLLa
      90
    4. 4
      Steven P.
      81
    5. 5
      ATLien_0
      70
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!