I have recently had a WordPress site hacked. My hosting company have found no evidence of where the site was hacked. Can anyone advise how to prevent hacking of any WordPress site? Have taken down the hacked site.
http://www.iblogzone.com/2012/03/best-wordpress-security-plugins.html And don't forget loginlockdown plugin.
The site in question was one I had neglected for 2 or 3 months, and I was intending to take it down anyway. However, someone had managed to sign in as a User, but certainly not through me. When I checked further, there were about 50 or so additional 'Users', and countless 2 or 3 line new 'Posts' dating back to the beginning of October. Needless to say I immediately closed the site down.
It is possible that someone knew your WP admin/FTP/MySQL password or you were using plugins/themes with backdoors/security holes. Keep your plugins/themes updated, download them only from reliable sources and just to be sure change your passwords if you use them somewhere else.
WP Safety Scan The WP Security Scan extension and won’t let you know whether your website has been hacked, but it will test for possible attack vectors and vulnerabilities, and offer strategies for fixes.The easiest way to make sure that there are no recognized exploits that hackers can use is to keep your software program as up-to-date as possible. Google’s Safe Looking Diagnostic Google has a service that allows site owners to see whether or not they contemplate a site to be dangerous to visit. Copy the following URL into your browser handle bar and change the half following ‘?website=’ together with your web site’s URL. http://www.google.com/safebrowsing/diagnostic?web site=google.com/ Sucuri Sucuri offer a free website scanning service that can catch major issues, and a paid for monitoring and cleanup service that may assist if you’re hacked. Using these tools together will help you make sure that your site remains safe.