I keep getting hacked
-
I have a reseller package with Bluehost for the past 11 years. They stopped selling reseller packages about a decade ago so I know the server I am on is from 2009. Very outdated. On Dec 9, several sites in my WHM got hacked. I’ve gone through a long checklist of all the things to do such as change passwords, 2FA, even changed computers.
This one site in particular I recently did the following:1. Deleted all ftp accounts, MySQL databases, all files, everything so basically starting from scratch.
2. Installed a fresh copy of WordPress and a maintenance mode plugin.
Sure enough, it took about 48 hours for it to be hacked again. The files they are adding are as follows:
robots.txt
simple.php
chosen.php
.htaccess (modified)
groupon.php
sample.php
.user.ini
index.php (modified)
network.php
I could really use some help or even a point in the right direction if you know the name of this hack. One person told me it might be the Japanese Keyword Hack.The blog I need help with is: (visible only to logged in users)
-
We can’t help as the wordpress.com platform has nothing to do with any other hosting platform. Only Bluehost support can help.
-
Hello, I recently fixed a server with the same issue & wrote about it. Most likely, the server setup is not properly configured. If the “chosen.php” file keeps coming back, the attackers may’ve triggered PHP scripts in the background.
More info:
- The topic ‘I keep getting hacked’ is closed to new replies.
WordPress.com Forums 