Wordpress site upgrade to latest versions and cleansed of malicious content
- Posted:
- Proposals: 3
- Remote
- #908974
- PRE-FUNDED
- Completed
have already sent a proposal. Description
Experience Level: Intermediate
Estimated project duration: 1 day or less
General information for the website: Small business webiste
Num. of web pages/modules: 6
Description of every page/module: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Specific request form 123-reg detailed under extra notes
Description of requirements/features: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Specific request form 123-reg detailed under extra notes
Extra notes: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Request from 123-reg as follows:
I am writing to advise you that a site mapped to your hosting package has been hacked to host malicious content that is sending spam through our servers. We take such incidents very seriously as they can not only affect your own account but can also affect other accounts on the same server by resulting in its IP address being added to various spam black lists, as well as impacting performance/stability due to excessive load.
Due to the serious nature of this incident, I am afraid that public access to your sites have been suspended until such time we receive an update to this incident to confirm what steps have be taken to resolve this issue.
While we appreciate that you may not have been aware of what has been happening as the account holder you are responsible for the content of all files within your allocated webspace. This includes safe keeping of FTP credentials and and ensuring any publicly accessible application scripts are kept up-to-date and do not contain any known security vulnerabilities that may be exploited and used for abuse activity such as relaying spam and allowing files to be uploaded without your knowledge.
Please check your webspace and ensure any third party scripts being used in the sending of spam are identified and removed and any of the scripts exploited updated or removed.
Once you have accessed your file manager please ensure your webspace is thoroughly inspected, deleting any files you do not recognise or that have been uploaded recently, including files beginning with a full-stop character, considered hidden files which most FTP clients do not display by default.
We would also recommend that you change your FTP password in case that has also been compromised, ensuring it is secure, contains numbers and mixed case letters, and does not have any correlation to the domain or email address. Instructions on how to change your password can be found here: http://www.123-reg.co.uk/support/answers/Web-Hosting/Web-Tools/changing-your-ftp-password-4209/
Simply deleting the malicious content and changing passwords is unlikely to address the root cause, which is typically due to out-of-date scripts allowing unauthorised uploads. Hence please ensure any scripts such as WordPress or Joomla are also updated.
The below external links provide additional guidance on securing websites with script vulnerabilities. Please ensure the recommendations provided are followed to avoid recurrence:
Joomla:
http://docs.joomla.org/Security_Checklist_7
WordPress:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://codex.wordpress.org/Hardening_WordPress
To have your hosting package reinstated please update this incident when you have secured your site, per the recommendations above, including updating all web apps.
We apologise for any inconvenience this may cause, but hope all customers can appreciate the impact that this can have on all customers.
Kind Regards
Num. of web pages/modules: 6
Description of every page/module: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Specific request form 123-reg detailed under extra notes
Description of requirements/features: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Specific request form 123-reg detailed under extra notes
Extra notes: 2 of my wordpress sites have been suspended by 123-reg due to being hacks. Site need to be 'cleansed of any malicious content and apps need updating to latest versions. I am looking for someone to complete this for me ASAP as obviously the site is down.
The sites are very simple - 1 has 5 pages, the other 1 page
Request from 123-reg as follows:
I am writing to advise you that a site mapped to your hosting package has been hacked to host malicious content that is sending spam through our servers. We take such incidents very seriously as they can not only affect your own account but can also affect other accounts on the same server by resulting in its IP address being added to various spam black lists, as well as impacting performance/stability due to excessive load.
Due to the serious nature of this incident, I am afraid that public access to your sites have been suspended until such time we receive an update to this incident to confirm what steps have be taken to resolve this issue.
While we appreciate that you may not have been aware of what has been happening as the account holder you are responsible for the content of all files within your allocated webspace. This includes safe keeping of FTP credentials and and ensuring any publicly accessible application scripts are kept up-to-date and do not contain any known security vulnerabilities that may be exploited and used for abuse activity such as relaying spam and allowing files to be uploaded without your knowledge.
Please check your webspace and ensure any third party scripts being used in the sending of spam are identified and removed and any of the scripts exploited updated or removed.
Once you have accessed your file manager please ensure your webspace is thoroughly inspected, deleting any files you do not recognise or that have been uploaded recently, including files beginning with a full-stop character, considered hidden files which most FTP clients do not display by default.
We would also recommend that you change your FTP password in case that has also been compromised, ensuring it is secure, contains numbers and mixed case letters, and does not have any correlation to the domain or email address. Instructions on how to change your password can be found here: http://www.123-reg.co.uk/support/answers/Web-Hosting/Web-Tools/changing-your-ftp-password-4209/
Simply deleting the malicious content and changing passwords is unlikely to address the root cause, which is typically due to out-of-date scripts allowing unauthorised uploads. Hence please ensure any scripts such as WordPress or Joomla are also updated.
The below external links provide additional guidance on securing websites with script vulnerabilities. Please ensure the recommendations provided are followed to avoid recurrence:
Joomla:
http://docs.joomla.org/Security_Checklist_7
WordPress:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://codex.wordpress.org/Hardening_WordPress
To have your hosting package reinstated please update this incident when you have secured your site, per the recommendations above, including updating all web apps.
We apologise for any inconvenience this may cause, but hope all customers can appreciate the impact that this can have on all customers.
Kind Regards
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.