Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Andej Bogomol'ov2015-06-23 10:43:40
Antivirus
Andej Bogomol'ov, 2015-06-23 10:43:40

What website antivirus do you use?

Good afternoon, IT brothers and other mortals... I recently launched a website on WordPress. Yes, but the trouble has just begun: steadily, once every 2 months, the hosting provider blocks it, saying that malicious code has been detected.
After checking this news, I am convinced that it is so. I cleaned, cleaned, restored access ... It repeats again, for the third time.
How do you set up security in WP? Maybe there is some tricky plug-in, ala-antivirus ..? Thanks in advance. Ps There are a couple more sites on the host, but there are no problems with them.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
N
Nathan, 2015-06-23
@bogosverch

Andrey Parkhomenko usually the problems lie in the jambs with the site settings, the jambs with the rights to files and directories, or crooked plugins / themes.
Read about the vulnerabilities in the wordpress security white paper and 10 WordPress security tips .
On Habré, read about detecting malicious PHP files , if you yourself cannot look for a vulnerability, you can try to look for it with plugins or special services. Theme Authenticity Checker (TAC) plugin checks theme files, Exploit Scanner plugin plugin, Anti-Malware plugin. You don’t need to install a bunch of plugins right away, install one at a time, look for a vulnerability - if you don’t see it, disable it and try another plugin. On a permanent basis, you can keep some simple plug-in for monitoring changes in files and folders, something like WordPress File Monitor (not updated for a long time, but still working properly).
Try checking your site with Yandex Manul or AI-Bolit crawler .
PS
If there are suspicions that third parties have access to your site or account, then change all passwords, starting with hosting passwords and ending with the admin password in wordpress.
Make regular backups of your files and database, and keep them as long as possible on another server.
dytH3lh.jpg

Report
M
mindnomind, 2015-06-23
@mindnomind

In fact, you need to follow the plugins, use only proven ones, without holes. Again, do not use free templates downloaded from I don’t understand what resources. Store access in a safe place. File permissions must be set to correct.
You can use this library to check: revisium.com/ai
It may well be that you have a shit hoster and the infection is transmitted from your server neighbor, this happened to me too. In general, I advise you to use vps

Report
S
Sanes, 2015-06-23
@Sanes

None. It is enough to have a head on your shoulders and not to put everything in a row from file dumps.

Report
A
awaik, 2015-07-02
@awaik

almost always solved by installing Better Wordpress Security - a good plugin that closes a bunch of holes, sets file permissions, closes enumeration, etc.

Report
N
nojoke, 2017-04-05
@nojoke

Here is another antivirus for www.secbot.org/website-antivirus .
Pretty fast growing project.

Report
V
v_k, 2020-04-14
@v_k

avirlab.com

Similar questions
Y
Yuri Yerusalimsky2016-02-25 07:33:14
What program can open a Windows installer created via NSIS (Nullsoft Scriptable Install System)? 1Reply
L
Leevz2018-08-24 11:56:29
How to disable Windows Defender? 3Reply
L
Leevz2018-09-03 20:03:29
How to remove SecurityLogAgent without root rights? 0Reply
I
Ivan2021-11-22 14:33:53
The navigation in the site header does not work on the pancakeswap.finance resource, what can I do? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question