Block Phishing files

  • Resolved calliewallie

    (@calliewallie)


    8 years, 11 months ago

    My site stainlesslobster.com had some phishing files on it. I cleaned them off to the best of my knowledge, installed Sucuri’s plugin and ran all the hardening and then installed BBQ. There has since been more phishing files uploaded without my knowledge today. ( My host sent an email to advise of them) Am I missing a setting or something? Why would this be able to still happen with BBQ installed and activated? Thanks in advance!

Viewing 1 replies (of 1 total)
  • Plugin Author Jeff Starr

    (@specialk)

    8 years, 11 months ago

    BBQ blocks bad queries, but it doesn’t “fix” existing vulnerabilities. For example, if your site has been compromised by a bad script or backdoor or whatever, attackers may have access that is not detected by any WordPress plugin.

    So if you are seeing malicious files on your server, and they keep coming back, most likely your site has larger security issues and is compromised. In other words, BBQ will block new attacks, but doesn’t fix any underlying security issues.

    I hope this makes sense, let me know if I can provide any further infos, glad to help however possible. Thank you

Viewing 1 replies (of 1 total)

The topic ‘Block Phishing files’ is closed to new replies.