How Can I Stop Being Hacked - Strange Files Hosted

  • Answered
I've dealt with this several times already on my wordpress sites. My site gets hacked into, and the perpetrator drops in a zip file which unloads directories. I believe this is part of a Phishing scheme; the files in these directories create signin pages (probably) where email recipients are directed to & enter their data which is then stolen and transferred to the offender via my site. After a while, google will flag my site as a phishing site. I am using popular Wordpress security plugins but they do not help!

I just got done cleaning one. My security plugin alerted me to changed files and I noticed that all these new directories were dropped in yesterday. I deleted all of it. So if anyone tries to reach the phishing page they'll probably get a 404 error now.

How can I stop these large zip files from being dropped into my server? I don't want to keep dealing with this!
Hello, Sorry for the problems that you've been facing concerning the hacks on your account. There are many things that you can do in order to harden the security of your site to prevent hacks that lead to the issues that you see on your site. Check out this WordPress tutorial on security. You should also check your plugins and themes for hacks as they can also be the vulnerable points of your WordPress site. You should also consult with a web programmer who is familiar with security to assess your site if you continue to have problems. The official WordPress Support forum suggests the following post for improving security for your WordPress site. If you have any further questions or comments, please let us know. Regards, Arnel C.