Replies: 0
Hello,
I am hoping someone could help me.
I am not a pro user so please take it easy on me.
I own two websites and each of them is hosted with TSO Host (UK).
One of the webpages is fine; the other has been attacked by hackers for quite a long time now – over 6 months.
At first I was fighting hackers by restoring backup files over and over again – but as you can imagine the issues were repeating endlessly.
The nature of attack is an advertisement redirection to (unfortunately) 18+ content: it redirects from Google search to various hacker websites (each time different but I found a variable and a pool of a few addresses repeating randomly).
I have tightened the security as much as I could – I have changed username to a word that does not exist, I’ve changed the password to a combination of at least 20 different letters, numbers and sizes, I have installed Sucuri and Wordfence, I have even added extra code to .htaccess so each time I want to log in via wp-admin I need to add my IP address manually to the file. I update all plugins and themes (and WP, of course) regularly. I have contacted the host provider number of times asking for help (but they always advise what to do, not actually doing anything on their own).
Unfortunately for me, every time I ‘clean’ the system it comes back with double power. The scans have found plenty of Backdoor files and I have been deleting them manually to ensure each of them has been removed (maybe there’s a better way, this is the best I can do now).
I have really tried everything that I could to prevent these attacks. I am not a pro web developer, I just help to maintain my mum’s business website.
I also have my own private website which has a shared host with my mum’s web and it has NEVER ever had a single hacker attack. I am wondering if it’s a coincidence.
Does anyone know if these attack may be happening due to host provider I am using? I am confused, as I said my other website has never been attacked and I barely need to do any maintenance there.
Now I have a problem with broken HTTPS – after the last ‘clean up’ I have received a Privacy Error – so I have googled an issue and tried to change HTTP to HTTPS in General Settings. After pressing ‘Save’ the Privacy Error appeared and now I cannot proceed to the website at all (unless I agree to take a risk).
I have spent a lot of time trying to find a solution online but nothing seems to work in my case.
Thanks