Notified of compromised account: Where to go from here

mobcdi · Jun 12, 2012

A wordpress site on 1 of my hosts running WHM 11.32.3 build 19 was listed as a phishing website. I've disabled the account but I was hoping for advise on where to go from here to try and find as much detail as possible as to how the site was compromised and how to improve my security to stop it happening in the future as I have other wordpress sites.

The site admin of the compromised site can be considered awol

PlotHost · Jun 12, 2012

I suppose you had a vulnerable wp plugin.
See these security tips : Hardening WordPress « WordPress Codex

mobcdi · Jun 12, 2012

Thanks I'll review its suggestions.

Is there anything I can do via WHM to try find how the problem occured and if other accounts might to open to a similar fate?
Is there a best practice guide for these situations?

mobcdi · Jun 14, 2012

Working my way through Recommended Security Settings

Thread starter	Similar threads	Forum	Replies	Date
A	root-level compromised	Security	1	Jan 19, 2020
	Multiple Compromised Sites Cleanup?	Security	1	Sep 16, 2019
A	Compromised website index.php regenerating itself	Security	7	Apr 21, 2019
M	Customers notified about free AutoSSL	Security	1	Nov 13, 2017
P	Security: is it a good idea? - notified when someone is loggin in	Security	4	Jun 10, 2003

Search

Search

Notified of compromised account: Where to go from here

mobcdi

Well-Known Member

PlotHost

Well-Known Member

mobcdi

Well-Known Member

mobcdi

Well-Known Member