My site keep getting hijacked

Hi. Even if i have a pro security plugin for my wp site and even if i enabled all possible hard security measures i keep getting hacked. Everyday someone or something inject a .php files in my public html directory and redirect my site to malicious url. I made whole scanning and nothing have been found. All my plugins are up to date, my theme is up to date. I’m really worried cause they inject malicious files everyday in my main directory. They change the index.php with malicious url redirection everyday! they also have been able to change my admin pass and they daily upload weird folders in my public html directory with weird letters. Can u help me understading how they can keep bypassing all my security rules, included my security plugin’s firewall rules ecc. I’m really desperate! Thank you so much, waiting for your response i wish u a great day!

Are you using some kind of an obsolete plugin or a vulnerable one which isn’t updated? :thinking:

Are you using WP File Manager?

Otherwise, maybe the database contains malware or malicious code which even you could contain in a backup version of your website.

That sounds like a some kind of a malware to me from what I’ve experienced and saw.

I have to admit this is not a Cloudflare issue to me. You could determine if this behaviour continues even by using a “Pause” option at Cloudfalre as follows:

  1. Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
  2. The link is in the lower right corner of that page.
  3. Give it five minutes to take effect, then make sure site is working as expected with HTTPS.

It would be great for your hosting to scan your website with Imunify360 at least.

Consider changing your database and user password and your WordPress user credentials, also check the CHMOD over directories in wp-content folder including all of the plugins and uploads too.

Sharing useful topic/post from me about protecting WordPress while using Cloudflare:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.