{"id":720,"date":"2022-10-24T01:19:00","date_gmt":"2022-10-24T01:19:00","guid":{"rendered":"https:\/\/www.prolimehost.com\/blogs\/?p=720"},"modified":"2022-10-24T17:19:29","modified_gmt":"2022-10-24T17:19:29","slug":"how-to-stop-hackers-in-their-tracks","status":"publish","type":"post","link":"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/","title":{"rendered":"How to Stop Hackers in Their Tracks"},"content":{"rendered":"<p><img decoding=\"async\" class=\" wp-image-723 aligncenter\" src=\"https:\/\/www.prolimehost.com\/wp-content\/uploads\/sites\/4\/Hackers-300x225.jpg\" alt=\"Hackers\" width=\"600\" height=\"450\" srcset=\"https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/Hackers-300x225.jpg 300w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/Hackers-512x384.jpg 512w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/Hackers-320x240.jpg 320w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/Hackers.jpg 640w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/>There was a time when the majority of sites that hackers focused on were government related, either defense contractors, utility companies or the like. Now, it seems as soon as a WordPress site is launched, it\u2019s prone to attack.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#Dont_get_de-indexed_because_of_hackers\" >Don\u2019t get de-indexed because of hackers<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#The_dreaded_warning_page\" >The dreaded warning page<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#Wait_until_your_malware_protection_kicks_in\" >Wait until your malware protection kicks in<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#Its_not_all_on_your_hosting_provider_to_protect_your_site\" >It\u2019s not all on your hosting provider to protect your site<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#Get_rid_of_security_loopholes\" >Get rid of security loopholes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#Sometimes_you_just_need_to_hire_a_security_expert\" >Sometimes you just need to hire a security expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#BROUGHT_TO_YOU_BY_PROLIMEHOST\" >BROUGHT TO YOU BY PROLIMEHOST<\/a><ul class='ez-toc-list-level-5' ><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#VPS_SERVICES_LIGHTNING_FAST_SSD_VIRTUAL_SERVERS\" >VPS SERVICES: LIGHTNING FAST SSD VIRTUAL SERVERS<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.prolimehost.com\/blogs\/how-to-stop-hackers-in-their-tracks\/#DEDICATED_SERVERS_BACKED_BY_A_999_SLA_NETWORK_UPTIME_GUARANTEE\" >DEDICATED SERVERS: BACKED BY A 99.9% SLA NETWORK UPTIME GUARANTEE<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Dont_get_de-indexed_because_of_hackers\"><\/span>Don\u2019t get de-indexed because of hackers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Cybercriminals seem to love probing themes, plugins, logins and php files for vulnerabilities. The fastest way to get de-indexed by Google is to let your guard down, allowing these guys to upload malicious script on your site.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"The_dreaded_warning_page\"><\/span>The dreaded warning page<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Cleaning it up after the fact can be a real pain, not to mention your site will be redirected to a warning page that says your site is unsafe \u2013 to continue on to the site at your own risk. And even then, after clicking to continue through, the warning pops up a second time.<\/p>\n<p>The warning goes something like this. \u201cDeceptive Site Ahead. Attackers on www. xxxxxxx .com may trick you into doing something dangerous, like installing software or revealing your personal identification (for example, passwords, phone numbers or credit cards). Google Safe Browsing recently detected phishing on xxxxxxx .com. Phishing sites pretend to be other websites to trick you.\u201d<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Wait_until_your_malware_protection_kicks_in\"><\/span>Wait until your malware protection kicks in<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Wait until your malware protection catches on. You won\u2019t even get to the warning page as it\u2019ll block access to the site altogether.<\/p>\n<p>And <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/cybercriminals\" target=\"_blank\" rel=\"nofollow noopener\">cybercriminals<\/a> don\u2019t just make one attempt and give up. They keep trying over and over and over. If you have your site locked down tight, no problem. If you\u2019re not on your toes, updating every WordPress version, theme and plugin as soon as they\u2019re released, you put your site at risk.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Its_not_all_on_your_hosting_provider_to_protect_your_site\"><\/span>It\u2019s not all on your hosting provider to protect your site<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Working with your hosting provider helps to some degree, but for the most part, you\u2019re on your own dealing with locking down a WordPress site. So what can you do to stop these guys in their tracks.<\/p>\n<ul>\n<li>Use strong passwords not just for your Admin login but also for your databases<\/li>\n<li>Modify the path for the Admin login<\/li>\n<li>When new versions for WordPress, themes or plugins are released, update them immediately<\/li>\n<li>Use a security plugin like WordFence or Shield WordPress Security<\/li>\n<li>Setup a Honey Pot script if you\u2019re not using the conventional Admin process, where as soon as these guys call&nbsp;https:\/\/mydomain\/wp-admin\/,&nbsp;their IP is automatically blocked via a .htaccess deny rule<\/li>\n<li>Use secure scripts<\/li>\n<li>Setup ModSecurity, but be aware that this can be time consuming to tweak just right.<\/li>\n<li>Use a CSF firewall<\/li>\n<\/ul>\n<p>Please remember that hackers can penetrate WordPress sites even if they\u2019re completely up-to-date. As exploits are discovered, updates to protect sites from these exploits are rapidly developed and released to the general public, but for some this is too late.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Get_rid_of_security_loopholes\"><\/span>Get rid of security loopholes<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>While owners of exploited sites think they should have been protected by their hosting provider, they\u2019re actually helpless to many exploits because of security loopholes created by their users.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Sometimes_you_just_need_to_hire_a_security_expert\"><\/span>Sometimes you just need to hire a security expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Sometimes, it comes down being forced to hire a security expert to determine how hackers are getting access to your site. Moving from one hosting provider to another won\u2019t help as you\u2019ll just take the problem with you. Your new hosting provider will love that (NOT).<\/p>\n<h4><img decoding=\"async\" class=\"aligncenter wp-image-51 size-full\" src=\"https:\/\/www.prolimehost.com\/wp-content\/uploads\/sites\/4\/2014\/08\/unnamed-e1408122780935.jpg\" alt=\"ProlimeHost Cheap Linux Server\" width=\"400\" height=\"80\" srcset=\"https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/2014\/08\/unnamed-e1408122780935.jpg 400w, https:\/\/www.prolimehost.com\/blogs\/wp-content\/uploads\/sites\/4\/2014\/08\/unnamed-e1408122780935-300x60.jpg 300w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/h4>\n<h4><span class=\"ez-toc-section\" id=\"BROUGHT_TO_YOU_BY_PROLIMEHOST\"><\/span>BROUGHT TO YOU BY PROLIMEHOST<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>We\u2019ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that\u2019s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver &amp; Singapore.<\/p>\n<h5><span class=\"ez-toc-section\" id=\"VPS_SERVICES_LIGHTNING_FAST_SSD_VIRTUAL_SERVERS\"><\/span>VPS SERVICES: LIGHTNING FAST SSD VIRTUAL SERVERS<span class=\"ez-toc-section-end\"><\/span><\/h5>\n<p>Our&nbsp;<a href=\"https:\/\/www.prolimehost.com\/ssd-vps-server\/\">Virtual Private Servers<\/a>&nbsp;all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server\u2019s performance, which dramatically enhances visitor experiences on your site.<\/p>\n<p>That speed is backed by unparalleled 24\/7 support, featuring both outstanding response AND resolution times to maximize your uptime.<\/p>\n<p><strong><em>Now is the time to join the ProlimeHost virtual private server revolution.<\/em><\/strong><\/p>\n<h5><span class=\"ez-toc-section\" id=\"DEDICATED_SERVERS_BACKED_BY_A_999_SLA_NETWORK_UPTIME_GUARANTEE\"><\/span>DEDICATED SERVERS: BACKED BY A 99.9% SLA NETWORK UPTIME GUARANTEE<span class=\"ez-toc-section-end\"><\/span><\/h5>\n<p>We only use enterprise-class hardware in our&nbsp;<a href=\"https:\/\/www.prolimehost.com\/los-angeles-dedicated-servers\/\">dedicated servers<\/a>&nbsp;[1] and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS &amp; SSD (including NVMe) storage. Call 1-877-477-9454 or&nbsp;<a href=\"https:\/\/www.prolimehost.com\/contact\/\">contact us<\/a>&nbsp;[2]. For everything from gaming servers to&nbsp;<a href=\"https:\/\/www.prolimehost.com\/discounted-dedicated-server-deals\/\">cheap dedicated servers<\/a>, we\u2019re here to help.<\/p>\n","protected":false},"excerpt":{"rendered":"There was a time when the majority of sites that hackers focused on were government related, either defense&hellip;","protected":false},"author":3,"featured_media":723,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"csco_display_header_overlay":false,"csco_singular_sidebar":"","csco_page_header_type":"","footnotes":""},"categories":[1,10],"tags":[59],"class_list":{"0":"post-720","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-geneal","8":"category-tutorials-tips","9":"tag-wordpress-security","10":"cs-entry"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts\/720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/comments?post=720"}],"version-history":[{"count":0,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/posts\/720\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/media\/723"}],"wp:attachment":[{"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/media?parent=720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/categories?post=720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.prolimehost.com\/blogs\/wp-json\/wp\/v2\/tags?post=720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}