fleurette

Hello again,

can I please ask you, if there is an attempt such as the one from Poland to my “.ftpconfig” and the code answer is 200, does it mean they actually got through?
My host uses FTP, I am with Hostgator. I contacted them yesterday, they said a file had been uploaded but thought it had been done by me.How do I know?

The reasons staged for blocking are for example:: Quito, Ecuador was blocked by firewall for a Malicious File Upload in file: files=J89GP.php
Type: Blocked
or
Irkutsk, Russia was blocked by firewall for Malicious File Upload (PHP) at http://mywebsite.com/wp-content/plugins/dzs-portfolio/upload.php

Is there reason to believe that the ftconfig attempt was successful? I am very concerned now.
Thank you very much, Fleurette

Hello again,

now I sincerely apologize for the delayed response. In regards to your question if these ips are accessing specific URLs, the reason why I am worried is because it tried to access my website: https//my website name/.ftpconfig.
It is the ftpconfig I was so worried about. It was Poland and I had others from Russia as well. Is there reason to be worried or should I ignore these? I noticed that most attempts have the 403 or 503 reply code, but some countries get through with the 200 code.

I did enable the Rate limiting rules. Would you have any specific advice how to set them to protect my site even better?

I am so very thankful for your response and all your assistance.

kind regards, Fleurette

Hello again,
thank you very much! I truly appreciate it.

with kind regards,
Fleurette

Hello,

I would like to ask one more thing regarding the attacks on my website. Recently I noticed in Wordfence that almost daily I am receiving malicious file upload attacks from bots all over the world. I did not notice these before, and still feel alarmed. Is that a recent change in Wordfence, or is there anything I should do? I am concerned about these attacks. Wordfence scan showed no more alerts, but it still shows ongoing attacks like these: Vietnam Hanoi, Vietnam was blocked by firewall for Malicious File Upload (PHP)
Can you please help me?
Thank you very much,
Fleurette

Hello again,

Thank you for your reply. I am afraid, I am not a website developer and don’t have the technical knowledge to recognize if there are malicious file, I would be afraid of doing something wrong. I have never done anything like this before, and don’t feel comfortable deleting directories. What could I do?
I am replacing the unsafe plugins with up to date ones and deleting the old plugins.
Thank you for your kind assistance in this matter!

I still have the Akismet in my site. I never used it as I am not blogging, it came with the Sugar & Spice theme. I have it disabled since the beginning. I see that it still is being updated, not sure if I should remove or leave it?? If it came with the theme, what is best to do?

Thank you so much for the advice with the Custom CSS and your earlier recommendation for a replacement, I am so very grateful!

Thank you again!

Hello,
I am very concern about a find in Wordfence.I have a long list of attacks saying malicious file upload php, for example: wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/upload.php blocked by firewall for Malicious File Upload (PHP). Luckily they have been blocked but there are17 of these attacks in one day, and it frightens me to see it. Is there danger of me being hacked? If I am asking a question on I here I shouldn’t I apologize but had so kindly recommended Wordfence to me. It seems all these attacks go to wp-content, here is another example: wp-content/plugins/contus-hd-flv-player/uploadVideo.php, or wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php. I don’t even have these on my site, I don’t understand at all and don’t know what to do!
I would be so very grateful for advice!
Thank you, Fleurette