Home Forums Weaver Xtreme Theme Access to Weaver Xtreme via CPanel

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #70356
    Lplate
    Participant

    Is there a way to use CPanel to remove diverts? My WordPress website, using Weaver Xtreme, was recently hacked and the hackers put a divert into the system so that users and my login get diverted to other unwanted sites. I asked my server provider to switch off all public access. There were previously a number of people who could log on to the site and I assume one of them left a backdoor open for the hackers. I can still log on using CPanel have used it to delete all the other users including the hackers. I have run the Weaver checksum and it indicated all OK. Is there a way to use CPanel to remove the diverts? I am a septuagenarian novice and happy to learn. Thanks for reading.

    #70360
    scrambler
    Moderator

    I am not sure what you call diverts and where they have been placed.

    If you have been hacked, your provider should be able to help you clean things up as they are motivated in not leaving malware on their servers.

    Also, are you using a security plugin like the “Wordfence security” plugin (free version). If you do, it should have a scan / clean option.

    If not, you should install “Wordfence security” and let it run a scan.


    @weaver
    may have more info for you.

     

    #70363
    Lplate
    Participant

    Thanks for the advice regarding “Wordfence”.

    I have hopefully cleaned up the hack and improved the login security via the Cpanel and then run Wordfence as you suggested and removed any items identified as malicious or unsafe. Thanks agian.

    #70364
    scrambler
    Moderator

    Keep Wordfence up and running at all times 🙂

    #70369
    Weaver
    Keymaster

    Cleaning up a hacked WP site is normally fairly simple done by reverting to a version before the hack which can be done by backups.

    Hacks normally involve either actually modifying the WP/Theme/Plugin code directly, or by getting into the database. So a restore would involve a full restore of both the database and the WP/Theme/Plugin files.

    If the site has users with logins, that can be a source of the breakin, and forcing a reset of that login info might be necessary in he worst case.

    Using Wordfence generally keeps an ordinary site pretty save as it can detect added or changed files that aren’t normally part of WordPress. It also does some login checking.

    If you ever get a denial of service attack, that is a completely different animal than actual site hacking, but can be prevented by using Cloudflare or other similar service. I’ve experienced a denial of service attack a couple of times, and Cloudflare blocked it very quickly. The basic Cloudflare service is free.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.