Wordpress Discussion
Wordpress Discussion
Out of context: Reply #127
- Started
- Last post
- 164 Responses
- BusterBoy-1
Having a Wordpress site built for me at the moment...I've used a couple of different developers offshore to do it.
Just noticed today, theres 50+ installations of a plugin "CMSmap - WordPress Shell".
I've asked the developers and they don't know what these are.
Anyone know? Hacked? If I just remove these plugins, is there something else I would need to do?
There's no customer data or anything like that in the database at thos stage.
- You should instal Wordfence to add a firewall, and also to scan for possible js injections.Salarrue
- Ideally when working with offshore freelancers set-up a staging version of the site and ask them to add the code to child themes or custom extensionsSalarrue
- https://blog.sucuri.…Salarrue
- Bloatware is bloatedutopian
- If you see "WP" and "shell" in the same sentence, it's malware.grafician
- Use tf Kirby and forget about WP unless you do e-commerce, then use tf Shopifygrafician
- Headless shopify at that, and Kirby for anything publishing https://getkirby.com…grafician
- also if you manage WP, rename tf wp-login.php on the server, then un-name it when you need to logingrafician
- I needed to ban China and Thailand at IP classes level to get rid of bots and malware at one point in WP...grafician
- oh and check tf your DB too, the malware is in there too, you need to reinstall fresh everything after you get ownedgrafician
- and it seems you got ownedgrafician
- Shopify is OK, but with a custom set up you will pay way too much of what is possible with WPSalarrue
- ^yupmoldero
- monthlies for plugins? fuck off shopify! I like to own my platform, not rent itmoldero