WordPress is an open source content management system running on PHP and MySQL, and is often used as a blog engine. WordPress-specific questions are best asked at https://wordpress.stackexchange.com
Questions tagged [wordpress]
290 questions
0
votes
1 answer
WordPress site is infected with malware, cannot find dropper
I am in a bit of an annoying situation. I inherited responsibilities of a WordPress multisite once managed from other contractors and that site has been infected with virus-dropping malware.
I am, however, in a black box. The site is hosted by…
rugbert
- 109
- 1
-1
votes
3 answers
Malware in RevSlider plugin?
Maybe my WordPress site is hacked, because it's always sending spam (5000 per day). I found one file in plugins folder which contains this base64 code.
What should I do?
EDIT: Oh, I found another one.
EDIT 2: And another one.
Joci93
- 671
- 7
- 10
-1
votes
2 answers
Website Loading Content from Malicious Sites
I own a website. Now today I find that when I load the site, Chrome shows "waiting for xxx.com" and some other unknown sites.
I never added content or links from these sites.
The website is running on WordPress.
What can be the cause of this issue?
techno
- 475
- 1
- 4
- 13
-1
votes
1 answer
How can a backdoor be uploaded?
I am inspecting a WordPress web site for a client and I have found that some backdoors were present in the webroot folder.
Now I have to understand how the attacker did that by reviewing the source code that the client provides to me.
What are the ways…
ibrahim87
- 85
- 1
- 2
- 10
-1
votes
1 answer
How to limit access to wp-admin in case of a dynamic IP address?
I have a dynamic IP address and I am trying to find a solution to limit access to wp-admin. It seems that the only option is to block access by domain name, using a Dynamic DNS Manager, instead of by IP address. Are there any alternatives?
elievi
- 11
- 2
-1
votes
1 answer
Removing wp-config-sample.php file
Can removing the wp-config-sample.php file from the root of the WordPress application be considered a good security practice, or does it not make any difference for security?
chrysst
- 157
- 4
-1
votes
1 answer
wpscan does not show the real version
When I scan a WordPress site with wpscan, I see in the results that I have version 2.10.3 in WP Rocket:
Title: WP Rocket <= 2.10.3 - Local File Inclusion (LFI)
| Fixed in: 2.10.4
But when I check the website I see the version is higher…
-1
votes
1 answer
Should I blacklist countries to stop brute force attacks?
I'm getting attacks at wp-admin from numerous countries and IPs. When I get a notification from Wordfence that there has been an attack, I blacklist the originating country from the WP backend. Then I get more attacks from other countries. Should I…
JL1953
- 3
- 1
-1
votes
2 answers
How can I access any useful information in a WordPress site?
While penetration testing for a university assignment, I found an exploit that might be the one the teacher has been hinting at, found here:
https://www.exploit-db.com/exploits/45439/
I used it and got access to the etc/passwd file (which doesn't…
MonaH
- 1
-1
votes
1 answer
How to stop WordPress attack with bot?
Here are some files that hackers modified.
Inside my WordPress installation, I found an unknown folder called ID3 inside of a folder called ID3.
three files
1.bots.php
this is bots.php code
GNU nano 2.3.1
File: bots.php …
sanjan
- 99
- 2
-1
votes
1 answer
Obfuscated PHP code found on WordPress site - has it been compromised?
Firstly - I expect the answer to be yes. But I never dealt with something like this so I would like some advice.
A client has recently complained that their website went down. So I started investigating. It's a WordPress site running WP 4.6.10.…
PeterTheLobster
- 99
- 2
-1
votes
1 answer
Header.php keeps changing with JavaScript code in WordPress
I observed that my post on the blog takes too much time to load and I started to try finding out the issues behind it. I found there's a JavaScript code injected in header.php here:
var a=''; setTimeout(10); var default_keyword =…
KamleshNishad
- 9
- 2
-2
votes
0 answers
Best practices for IP protection on photography site
Before all the unhelpful comments come out of the woodwork (i.e. "if you want to protect it, don't upload it") - I get it. The only way to protect it is to not put it out there. Not an option, not helpful. Home security isn't about never allowing…
-2
votes
1 answer
How to force authentication over HTTPS - WordPress
During our last PCI scan, we received these 2 fail points:
"Basic Authentication over HTTP" and
"Web Page Transmits Login Credentials Without Encryption." Both were on Port 2077.
Though our WordPress website has an SSL, it seems as if logging in is…
Arvy S.
- 15
- 5
-2
votes
2 answers
All my PHP files have injected code in them. What do I do now?
I have like 10 websites on my account using WordPress and some custom coded websites. But all of my website files have this code at the beginning of every PHP file:
user3125294
- 11
- 1