Babiato Resources getting hacked or malicious codes? Do THESE NOW!

emailtoxima

emailtoxima

Active member
Jul 1, 2022
129
31
28
gopenny.sbs
Sometimes the hosting platform you use matters, i will advice you use namecheap or hostinger, they have antivirus scanner on all their hosting package, anytime someone tries to upload a malware or access your CP, they always block it and will send you an email asking if you were the one that was trying to upload it.....
 
Zer01ne

Zer01ne

Well-known member
Mar 21, 2020
1,373
3,428
120
I was about to write a similar post.
And I noticed nowadays, Most of the WP sites getting XML-RPC brute force attacks.
And of course, Babiato is not responsible for getting hacked as I believe most of the time it happens for old versions of plugins or themes.
Thank you so much for the post.
Take my love.
 
Last edited:
Escanor64

Escanor64

Active member
Jul 4, 2022
133
215
43
emailtoxima said:
Sometimes the hosting platform you use matters, i will advice you use namecheap or hostinger, they have antivirus scanner on all their hosting package, anytime someone tries to upload a malware or access your CP, they always block it and will send you an email asking if you were the one that was trying to upload it.....
Click to expand...
I don't use shared or reseller hosting. I use a 4-slice VPS plan from Interserver + additional features. That's where I have all of my websites and I pay a lot on a monthly basis to have my website running effectively. Namecheap isn't even secure. Lol.
 
Last edited:
  • Like
Reactions: yawspok
Escanor64

Escanor64

Active member
Jul 4, 2022
133
215
43
Zer01ne said:
I was about to write a similar post.
And I noticed nowadays, Most of the WP sites getting XML-RPC brute force attacks.
And of course, Babiato is not responsible for getting hacked as I believe most of the time it happens for old versions of plugins or themes.
Thank you so much for the post.
Take my love.
Click to expand...
True. It is very easy for those who do not understand the complexity of WordPress security to say a resource they downloaded from Babiato got their site hacked. I just hope everyone can take extra precautions concerning their sites. You're welcome :)
 
  • Love
Reactions: Zer01ne
gorillafreak

gorillafreak

Member
Nov 5, 2020
78
24
8
I ineed saw some activity like that, but it should not be on babiato as this community is so far good enough for all, so whoever is playing with nonsense code to get some crypto or money they can ?uck and ?uck their minds.
 
RoninHood

RoninHood

Shadowy Coder & Security Engineer
GiveAway Master
Null Master
Trusted Seller
Trusted Uploader
May 2, 2022
651
641
100
0.0.0.0/32
Escanor64 said:

Please take the time to read this!


In the past weeks, there have been several claims by users that resources from Babiato are riddled with malwares or that they downloaded resources from here only to get hacked or suspended by their hosting provider, with the recent complaint being this.

I actually use some of the resources here, most importantly Publisher Theme. I have several sites but my Publisher themed sites have suffered attacks the most. As a matter of fact, I wake up on some days only to see new categories and posts totally unrelated to my niches posted with several backlinks. All three of my Publisher-themed websites were successfully hacked, new posts created as well as new categories. Also, my files were modified with backdoor codes injected and funny media extensions uploaded to my root folder. I cleaned ALL, deleted my theme and plugin folders, reuploaded the Publisher theme and all of my plugins and changed all my passwords. A couple of days later, they were all hacked again.

Here was what I noticed; @TassieNZ shared the last update for the Publisher theme which was in July 2021 (well over a year ago). I'm not saying he did anything but a year since the last update of a WordPress theme and plugins is a recipe for disaster. Unfortunately, Babiato is well updated on the theme and it means the developers have not released any new update since over a year ago. Here is the official changelog of the Publisher Theme.

So, how do you prevent your WordPress blog/website from getting hacked?


1. CHOOSE a WordPress theme that is constantly updated! AVOID themes like Publisher, whether you buy from the developer or use the nulled version. It is a bad choice!
2. Disable theme and plugin editor on your WordPress backend. This is so that if your login details are hacked, it would be impossible to upload any malicious code into your root files. To do that, copy define( 'DISALLOW_FILE_EDIT', true ); into your wp-config.php file just above the line that says ‘That’s all, stop editing! Happy publishing’
3. Install Wordfence Premium from Babiato to your site. The free version is good but the premium is more robust. If you have a static IP, whitelist your IP and Immediately block IPs that access these URLs "/wp-login/" and "/wp-admin/". Also look through the settings and beef up your security.
4. Install Sucuri to monitor whatever changes was made to your files or activities done.
5. Disable the REST API for non-authenticated users. NOTE: Disabling the REST API completely breaks WordPress administrative functionality. If you want to disable access to REST API endpoints, you should instead only accept requests from authenticated users. Copy the following code snippet and then paste it at the bottom of your child's theme functions.php file:
add_filter( 'rest_authentication_errors', function( $result ) { if ( true === $result || is_wp_error( $result ) ) { return $result; } if ( ! is_user_logged_in() ) { return new WP_Error( 'rest_not_logged_in', __( 'You are not currently logged in.' ), array( 'status' => 401 ) ); } return $result; });
6. Disable the XML-RPC API for your website. XML-RPC is a security hazard. It’s often exploited by attackers looking to break into your site or launch a distributed denial-of-service (DDoS) attack. Most of XML-RPC’s functionality has been superseded by the REST API anyway, so disabling it doesn’t affect your experience all that much. You can use the Disable XML-RPC free plugin in the WordPress directory to do this but I recommend Hide My WP Premium plugin. This is so because you need to blurt out some information from your website such as version number, etc., which hackers often use to exploit website securities. In my case, I later found out the hacker was remotely posting on my website using the XML-RPC API without needing to login to my sites after cleaning up the entire sites. I have attached a screenshot from the Hide My WP Plugin where the hacker was trying to call the API after I disabled it.

Hackers are smarter and so should you! All the best!!!
Click to expand...
Great explanation, anyway instead of Hide My WP Premium I'd suggest to use WP Hide Security Enhancer Pro because it offers more features and it's definitely of superior quality in terms of security.

It's a bit trickier to get it working for the average user, but if configured properly and if proper measures are taken in order to make a WordPress website bullet-proof, the final outcome has no comparison in terms of efficiency and control over your own security.

Anyway now you gave me a good idea, I'll write a Thread about how to make a WordPress website bullet-proof covering parts going from OSINT/Recon Ops, to Hardening, Penetration Testing, Patching to finally plan an Incident Prevention & Response Strategy and last but not least, a Disaster Recovery Strategy.

Will post here the link to it once it will be ready!

Cheers :)
 
  • Like
  • Love
Reactions: ganjafama, Mscv50 and kevinschmidt
cesareborgia

cesareborgia

Member
Babiato Fan
Oct 19, 2020
62
14
8
Escanor64 said:
I don't use shared or reseller hosting. I use a 4-slice VPS plan from Interserver + additional features. That's where I have all of my websites and I pay a lot on a monthly basis to have my website running effectively. Namecheap isn't even secure. Lol.
Click to expand...

I know it's a bit late, but if you are being hacked on a VPS, most of the time, the fault lies on you.
The server is yours to use and maintain.
Basically, it's your server.
Personally, I like the combo Cloudflare Pro + Bitninja.
If you take security seriously, plugins are useless.
 
  • Like
Reactions: Bossmanuk and zane09
hier

hier

New member
Nov 4, 2022
1
0
1
Good tips, but if you able to avoid Wordpress; I suggest that because of WP is not easy to secure.
 
zane09

zane09

Member
Apr 25, 2020
71
20
8
cesareborgia said:
I know it's a bit late, but if you are being hacked on a VPS, most of the time, the fault lies on you.
The server is yours to use and maintain.
Basically, it's your server.
Personally, I like the combo Cloudflare Pro + Bitninja.
If you take security seriously, plugins are useless.
Click to expand...
All Security plugins are USELESSSSS, depending on who is targeting you.. Yea that's right!
Learn how to use Cloudflare to protect your website and sleep with your 2 eyes closed 😴
 
  • Like
Reactions: cesareborgia
DatDudeUpStairs

DatDudeUpStairs

Be the change that you wish to see in the world.
Trusted Uploader
Jun 30, 2019
1,334
786
113
Asgardia
falconIV said:
I always scan the files in virus total after downloading from here.
Click to expand...
That's the recipe for a great disaster; the virus total is not omnipotent like everyone is inclined to believe.
Virus total can't find the security holes the developer has internationally / unintentionally added to their code.
It can not find some backdoors among so many other things.
Always use the latest version of the files.
Don't use the files which are no longer maintained.
Always download the files which are approved or added by trusted uploaders.


Use the method given here + a security plugin

And lastly, Have a great day!

Cheers 🥂
 
Last edited:
  • Like
Reactions: Escanor64 and Zer01ne
You must log in or register to reply here.

Similar threads

F
is there a forum like babiato, but for drupal resources?
Replies
1
Views
1K
General Tech Discussion
tugster
tugster
Morehere
Tricks to recover lost contents after Babiato lost DB data
Replies
14
Views
1K
General Tech Discussion
Morehere
Morehere
inliadev
Does anyone have another option for Babiato
Replies
3
Views
735
General Tech Discussion
MrSam_1
MrSam_1
blow
  • Poll
[Poll] Would You Like To See A Wordpress Discussion Section Added To Babiato?
Replies
3
Views
585
General Tech Discussion
frizzel
frizzel
sectaofire
How Babiato fights Spam?
Replies
4
Views
776
General Tech Discussion
ELLIO7
ELLIO7

Latest posts

Forum statistics

Threads
69,226
Messages
908,433
Members
237,016
Latest member
karasukun01

Share this page

Share this page

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Forums Contact us

User Menu

Login
Community platform by XenForo © 2010-2022 XenForo Ltd.
Top Bottom