Dmayor7's Posts
Nairaland Forum › Dmayor7's Profile › Dmayor7's Posts
1 2 3 4 5 6 7 8 9 10 (of 32 pages)
hannahwealth:Yea... |
pinkyruledworld:Thank you. |
nnamdiosu:For website Backups, you can use Updraft for it. |
Website hacking is real and costs a lot of time and money to fix, depending on what's affected. I just cleaned up a hacked website the other day. I started since morning and finished in the evening. Time-consuming and also tiring. I was just lucky it's minimal, some hacks will take days to clean up. It happens that the site was injected with a "malicious redirect code". When you visit the website, it redirects to another site done by the hacker, and the sites are always different each time you reload the site. Please, before I move on, I want you to know that I am no Security Expert, but knows quite enough to detect when something isn't going right and then fix it. So, what is a "Malicious Redirect"? According to WordFence; A malicious redirect is a code inserted into a website with the intent of redirecting the site visitor to another website. Malicious redirects are typically inserted into a website by attackers with the intent of generating advertising impressions. However, some malicious redirections can have more damaging effects. A malicious redirect can exploit vulnerabilities in a site visitor’s computer through web-based scripts to install malware on unprotected machines. As such, it is critical to remove malicious redirects from your site. So, as you can see, this malicious code can be damaging to your reputation and branding. When my friend called me and told me her site is experiencing such, her voice was tired, she does not know what the problem is, and people have been calling her saying they can't browse her website. Then I geared up and logged into the site. The first thing that greeted me was a whole lot of outdated plugins and themes. I started by updating all of them. After I finished, I went to the homepage to see if it still redirects. It didn't redirect so I thought it's over, but no, I am really in for a long tiring day. DEADLY MISTAKE NUMBER 1: Always update your website software, themes, plugins, everything. Let it be up to date at all times.I called her on the phone and told her the site is fixed that she can crosscheck. Only for her to call me back a few moments later, "Darlington, it's still redirecting o" ME: But how can that be? Alright, clear your browser cache and cookies, then try it again. HER: I just did it, but it's still the same thing. That was when I realized that this is going to be a tough one. So, I headed on to Sucuri and scanned the website. Lo and behold! JavaScript malicious code was in it. I must say this, one thing I love about Sucuri site check is the fact that it even showed me the exact code and where it was. In my case, it appears to be in the header of all the pages on the site. I went to the Theme Editor and selected the "header.php", searched for that particular code and removed it. I was so happy and feeling like a demi-god but little did I know that it's not yet Uhuru. I saved my changes and did another scan using Sucuri. Still, it shows me the malicious codes are still there. Alright, time to kill this rat from another angle. I installed WordFence plugin and ran a malware scan on the site. After the scan, it shows me full detail of all the folders and directories that were infected by this same code. More than 92 different files inside different folders! I told you, am in for a long day. That is it. I have to remove the malicious code from all those files, manually. I braced myself up for the task and kept on it, opening files, removing malware, saving changes, then doing it over and over and over again. It wasn't easy, but this is the penalty for not taking your website security seriously. DEADLY MISTAKE NUMBER 2: Always integrate a security plugin on your WordPress website. WordFence has been saving lives since the 19 zero zeros.You may think, well at least I now know what to delete and where to go and delete it, but it comes with its problems too. The problem came toward evening time when I am about to finish. I mistakenly deleted a core WordPress folder and boom! The site stops working. I then downloaded a fresh WordPress file and tried to recreate what I have deleted. I just cannot. It seems to me I missed one or two other files. I do not know, but I just cannot. Then fear crept into my heart. So, this is how I just deleted off my client website? She will not be happy, and it will warrant building a new website from the ground up. But is there any backup? Okay, let me check. I checked and behold there is a backup. Oh! God of mercy! DEADLY MISTAKE NUMBER 3: Always backup your website, and always check to see if there is a backup before attempting to do changes to your website files.Okay, It then strikes me like a bolt from the blues. What if I just rolled back the website to the backed-up version? I did it, and do you even know what happened? Can you guess? The website became reborn! No malicious codes, no whatsoever. The site became born anew! I wanted to flog myself in the buttock for not thinking of this in the first place. After spending all these long tiring hours, I just fixed the issue with a simple reinstalling of the backed-up version. Well, this is the life we live in this web designing game. Ask, my web developer friends can relate to this. To debug is not a child play, and most times, the solution can just be an easy little fix. So, my brothers and sisters, this is the story of my life and how I fixed a website injected with a malicious redirect code. ----------------------------------- Preventive Actions to Protect your website: ------------------------------- Now, let us get down to preventive actions you need to take to avoid experiencing this tiring and messy situation that I happened to find myself in. Keep software up to date:Whether WordPress or any other, try and keep things updated. It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. It applies to both the server operating system and any software you may be running on your website. Always, check for updates and upgrade to latest versions. Ensure the use of strong passwords:Almost everyone knows they should use complex passwords, but in reality, do they? Hell no! I heard Mark Zukerberg used 1234 as his Facebook login password and was compromised. Have you heard of Brute Force Attack? Listen, it is crucial to use strong passwords for your web server and website admin area, and equally important to insist on good password practices for your website users to protect the security of their accounts. I recommend you use "LastPass" to generate and manage strong passwords. Make use of HTTPS or SSL:It stands for Secured Hypertext Transfer Protocol, and it guarantees that users are talking to the server they expect and that nobody else can intercept or change the content they see in transit. It is not even expensive, "Let's Encrypt" is here to make your life easier. Install a website security tool:See, your website resides in a world full of hackers, who are all the time on the prowl, looking for who to take advantage. A website without any security measures could be more prone to attacks. The first thing you should do when you set up a WordPress website is installing a security plugin right away. I recommend my darling WordFence and Sucuri. Any of them will never fail you. Backup Frequently:Should I still emphasise on this? Please, fixing a hacked website is hard and could take a long time! A backup copy of your site would enable you to restore it to normalcy. You can then take time to fix the hack and seal off any website vulnerabilities that allowed the hacker to get an express ticket to your website. Implement 2 Factor Authentication:When you install WordFence, there is an option there to help you enable this on your website. A 2-factor authentication helps to add another layer of security to your login. Once you try to log in, it will send you a code to either your email or phone number and require you to input the number code before you can log in. It is necessary to implement. Of course, there are many ways to kill a rat, as my people will say. If we start discussing ways to prevent a hack and protect your website, the cow will come home. Other methods include but not limited to; Disallow Plugin Installations Auto Logout Inactive Users Limit Login Attempts Restrict File Uploads Change The "wp-admin" to something elseNow, let me ask you. Are you using WordPress on your website? Is your admin username still "admin"? You know it is hard to change your username once you have created your admin account, but I have something for you. An easy bonus tip you can implement right away and change your username. Follow me step by step... Login to your WordPress dashboard. Click on "Users" then click on "Add New". Put in a correct and good username. Make sure you use LastPass to generate a strong password. On the "Role", select "Administrator" Then click on "Add New User" at the bottom.Have you done this? Now, follow me, we are almost done. Logout from your website. Log in using the new user you just created. Click on "Users". Now, select the old "admin" user.Have you selected it? Now, hover your mouse on it, you will be able to see "Delete" click it to delete the user.A page will come up asking you whether you want to transfer all posts by the old "admin" to yourself right now. Select yes and click on "Confirm Deletion" That's it, we are done. You have just changed your admin username to a brand new hard to guess username instead of the easy to guess "admin". Thank you for reading this post to the end. I know it's long but if I could make it shorter, I would have done so. I know you must have experienced website hack at some point in your internet journey. Tell us your story in the comment section and how you were able to fix it.
|
Website hacking is real and costs a lot of time and money to fix, depending on what's affected. I just cleaned up a hacked website the other day. I started since morning and finished in the evening. Time-consuming and also tiring. I was just lucky it's minimal, some hacks will take days to clean up. It happens that the site was injected with a "malicious redirect code". When you visit the website, it redirects to another site done by the hacker, and the sites are always different each time you reload the site. Please, before I move on, I want you to know that I am no Security Expert, but knows quite enough to detect when something isn't going right and then fix it. So, what is a "Malicious Redirect"? According to WordFence; A malicious redirect is a code inserted into a website with the intent of redirecting the site visitor to another website. Malicious redirects are typically inserted into a website by attackers with the intent of generating advertising impressions. However, some malicious redirections can have more damaging effects. A malicious redirect can exploit vulnerabilities in a site visitor’s computer through web-based scripts to install malware on unprotected machines. As such, it is critical to remove malicious redirects from your site. So, as you can see, this malicious code can be damaging to your reputation and branding. When my friend called me and told me her site is experiencing such, her voice was tired, she does not know what the problem is, and people have been calling her saying they can't browse her website. Then I geared up and logged into the site. The first thing that greeted me was a whole lot of outdated plugins and themes. I started by updating all of them. After I finished, I went to the homepage to see if it still redirects. It didn't redirect so I thought it's over, but no, I am really in for a long tiring day. DEADLY MISTAKE NUMBER 1: Always update your website software, themes, plugins, everything. Let it be up to date at all times.I called her on the phone and told her the site is fixed that she can crosscheck. Only for her to call me back a few moments later, "Darlington, it's still redirecting o" ME: But how can that be? Alright, clear your browser cache and cookies, then try it again. HER: I just did it, but it's still the same thing. That was when I realized that this is going to be a tough one. So, I headed on to Sucuri and scanned the website. Lo and behold! JavaScript malicious code was in it. I must say this, one thing I love about Sucuri site check is the fact that it even showed me the exact code and where it was. In my case, it appears to be in the header of all the pages on the site. I went to the Theme Editor and selected the "header.php", searched for that particular code and removed it. I was so happy and feeling like a demi-god but little did I know that it's not yet Uhuru. I saved my changes and did another scan using Sucuri. Still, it shows me the malicious codes are still there. Alright, time to kill this rat from another angle. I installed WordFence plugin and ran a malware scan on the site. After the scan, it shows me full detail of all the folders and directories that were infected by this same code. More than 92 different files inside different folders! I told you, am in for a long day. That is it. I have to remove the malicious code from all those files, manually. I braced myself up for the task and kept on it, opening files, removing malware, saving changes, then doing it over and over and over again. It wasn't easy, but this is the penalty for not taking your website security seriously. DEADLY MISTAKE NUMBER 2: Always integrate a security plugin on your WordPress website. WordFence has been saving lives since the 19 zero zeros.You may think, well at least I now know what to delete and where to go and delete it, but it comes with its problems too. The problem came toward evening time when I am about to finish. I mistakenly deleted a core WordPress folder and boom! The site stops working. I then downloaded a fresh WordPress file and tried to recreate what I have deleted. I just cannot. It seems to me I missed one or two other files. I do not know, but I just cannot. Then fear crept into my heart. So, this is how I just deleted off my client website? She will not be happy, and it will warrant building a new website from the ground up. But is there any backup? Okay, let me check. I checked and behold there is a backup. Oh! God of mercy! DEADLY MISTAKE NUMBER 3: Always backup your website, and always check to see if there is a backup before attempting to do changes to your website files.Okay, It then strikes me like a bolt from the blues. What if I just rolled back the website to the backed-up version? I did it, and do you even know what happened? Can you guess? The website became reborn! No malicious codes, no whatsoever. The site became born anew! I wanted to flog myself in the buttock for not thinking of this in the first place. After spending all these long tiring hours, I just fixed the issue with a simple reinstalling of the backed-up version. Well, this is the life we live in this web designing game. Ask, my web developer friends can relate to this. To debug is not a child play, and most times, the solution can just be an easy little fix. So, my brothers and sisters, this is the story of my life and how I fixed a website injected with a malicious redirect code. ----------------------------------- Preventive Actions to Protect your website: ------------------------------- Now, let us get down to preventive actions you need to take to avoid experiencing this tiring and messy situation that I happened to find myself in. Keep software up to date:Whether WordPress or any other, try and keep things updated. It may seem obvious, but ensuring you keep all software up to date is vital in keeping your site secure. It applies to both the server operating system and any software you may be running on your website. Always, check for updates and upgrade to latest versions. Ensure the use of strong passwords:Almost everyone knows they should use complex passwords, but in reality, do they? Hell no! I heard Mark Zukerberg used 1234 as his Facebook login password and was compromised. Have you heard of Brute Force Attack? Listen, it is crucial to use strong passwords for your web server and website admin area, and equally important to insist on good password practices for your website users to protect the security of their accounts. I recommend you use "LastPass" to generate and manage strong passwords. Make use of HTTPS or SSL:It stands for Secured Hypertext Transfer Protocol, and it guarantees that users are talking to the server they expect and that nobody else can intercept or change the content they see in transit. It is not even expensive, "Let's Encrypt" is here to make your life easier. Install a website security tool:See, your website resides in a world full of hackers, who are all the time on the prowl, looking for who to take advantage. A website without any security measures could be more prone to attacks. The first thing you should do when you set up a WordPress website is installing a security plugin right away. I recommend my darling WordFence and Sucuri. Any of them will never fail you. Backup Frequently:Should I still emphasise on this? Please, fixing a hacked website is hard and could take a long time! A backup copy of your site would enable you to restore it to normalcy. You can then take time to fix the hack and seal off any website vulnerabilities that allowed the hacker to get an express ticket to your website. Implement 2 Factor Authentication:When you install WordFence, there is an option there to help you enable this on your website. A 2-factor authentication helps to add another layer of security to your login. Once you try to log in, it will send you a code to either your email or phone number and require you to input the number code before you can log in. It is necessary to implement. Of course, there are many ways to kill a rat, as my people will say. If we start discussing ways to prevent a hack and protect your website, the cow will come home. Other methods include but not limited to; Disallow Plugin Installations Auto Logout Inactive Users Limit Login Attempts Restrict File Uploads Change The "wp-admin" to something elseNow, let me ask you. Are you using WordPress on your website? Is your admin username still "admin"? You know it is hard to change your username once you have created your admin account, but I have something for you. An easy bonus tip you can implement right away and change your username. Follow me step by step... Login to your WordPress dashboard. Click on "Users" then click on "Add New". Put in a correct and good username. Make sure you use LastPass to generate a strong password. On the "Role", select "Administrator" Then click on "Add New User" at the bottom.Have you done this? Now, follow me, we are almost done. Logout from your website. Log in using the new user you just created. Click on "Users". Now, select the old "admin" user.Have you selected it? Now, hover your mouse on it, you will be able to see "Delete" click it to delete the user.A page will come up asking you whether you want to transfer all posts by the old "admin" to yourself right now. Select yes and click on "Confirm Deletion" That's it, we are done. You have just changed your admin username to a brand new hard to guess username instead of the easy to guess "admin". Thank you for reading this post to the end. I know it's long but if I could make it shorter, I would have done so. I know you must have experienced website hack at some point in your internet journey. Tell us your story in the comment section and how you were able to fix it.
|
power50:Bluehost is not the only good web hosting company.. But why I love Bluehost is because of there best to none customer care.. Seriously, I havent seen a web hosting with such professional, friendly, and expert customer service. They will listen to you and solve your problem in a matter of minutes. They can even help you out in any thing you finding hard to do in your website FREE of charge. All these and many more made me to fall in love with their service. I have been using them for 3 years now with nothing but good testimonies from me and my clients that I designed their websites. |
benzems:Ok.. as you wish... |
Tenumah32:What's the pay? |
This is cool.. If creating a successful WordPress website is what you are after, then check this step by step tutorial at w3programs.com |
domcreative:Check this article and your problem is solved. If along the way you still need a professional help, holla me via 08175765974 or dalingtonokafor@gmail.com |
fid4992:Hello... This can be solved remotely and easily. All you need to do is to list out what you need to achieve here and I will help you out from here too. |
akeentech:Sincerely, these above two can be totally solved perfectly and easily when you choose a good and reliable web hosting. For a comprehensive tutorial on web hosting and how to choose a befitting and reliable web hosting for your website check this article here w3progams.com/hosting |
izzyboi:Hello... There are two types of WordPress website which is Self-hosted Wordpress and Hosted Wordpress I believe you are using the Hosted Wordpress with a . extension.. Alright, Here is what to do. You can migrate to a Self-hosted wordpress website by following this tutorial here Then if you need help in choosing a reliable hosting for your wordpress website so you don't make mistakes and loose money and time, you can read this article here I hope this helps? |
abrashmick:I advise you read this article at w3programs.com/hosting first before you take any action t avoid loosing money and time. The article will show you what and what to look in a web hosting and also guide you into choosing the best web hosting for your website. If you need any help along the way, holla me via 08175765974 or darlingtonokafor@gmail.com |
ediko5:Unistall that Picasa and check.. If it still persist then you need to really upgrade to windows 8 |
[quote author=hemlock0 post=66431665][/quote]You are welcome... Edit your previous comment, the one you qouted me.. Your reply is inside my own quote.. |
seoscrib:Check www.w3programs.com |
JohnChopDollar:Hi, I am a good web/graphics designer with eyes for good designs and outstanding color combinations. I have worked on many designs ranging from flex banners, to I.D cards, to Marketing Flyers, to Logos and brochures. Let's talk via 08175769574 and I assure you of a professional and high quality logo design. Thanks. |
bumi10:This is wonderful!.. |
hemlock0:First you need to enable registration in your wordpress website. Then you need two plugins.. Ninja Form and Membership pro With the Ninja Form you design your registration form. With the Membership Pro you enable user dashboard and other things you need. If you need help in any way, holla me via 08175765974 Kudos |
danwilliams4u:You can withdraw your money if you have a U.S paypal. You will need; a VPN a U.S Address a U.S number a Payooner Account I can help you open a U.S paypal account for a little bucks. Contact me via 08175765974 or darlingtonokafor@gmail.com |
Ibelievee:Its really hard sha... I sometimes cut my date short just because a new idea popped inside my head on how to tackle a particular bug that has been bugging my codes. At times, I will forget to even eat or cook anything to eat until late into the night... I lost most of my peers because I don't usually show up for Sunday eve drinks and groove. In all, I am always fulfilled whenever i get a project right. |
Unique32:For you to start seeing the results of SEO it takes time. And you can even do it yourself when you have the right knowledge. I strongly advise you to try and do it yourself before you fall into scam! Below are resources to guide you with your website SEO https://neilpatel.com/blog/improve-google-rankings-without-getting-penalized/ http://www.wpbeginner.com/wordpress-seo/ http://www.bulletpoint.ca/blog/how-to-do-seo-no-money-no-time/ https://ahrefs.com/blog/increase-website-traffic/ http://www.jeffbullas.com/13-super-easy-ways-to-immediately-improve-your-seo-ranking/ Seriously, after going through all these you will become an SEO PRO already. If you need any help along the way about anything or SEO concept you didn't understand, just holla me via 08175765974 or darlingtonokafor@gmail.com |
asco15:hahhahaaahahhaaa.. times without number.. I have spoilt my keyboard at a certain time because I slept on my laptop while drinking tea. The tea spilled into the keyboard and spoilt it. I have also spoilt my android phone when I slept off on top if it. I woke up to a broken screen!... I am laughing now, but it's not funny, never. But wetin I man go do? Some programming need to be done. Some debugging needs my attention. I need to research and learn more. So, my brother there is no time o... |
gibsolala:Sure, I am up or the task... Let's talk via 08175765974 |
Keep software up to date: