Geesh! GoDaddy seems to be a very popular target with hackers these days. Again this morning they were attacked and sites infected w/ Malware.
Just as in the attack over the weekend with the myblindstudioinfoonline malware through an FTP breach.
Godaddy cleaned all the sites that were infected and advised all the webmasters to change their FTP passwords. Those that did were fine during this last attack, BUT those that did not, got infected again.
As advised in Regina’s post, if you were hacked you should:
- Change all of your FTP passwords (Check to see if you have more than one FTP account).
- Change your database passwords (If hackers got into your FTP, did they look at your wp-config.php file?).
- Change your Authentication Unique Keys and Salts (Again, wp-config.php).
- Change your WordPress username passwords (Change any “administrator” account passwords for safety measures).
- Check your permissions on your server. Make sure your directories (folders) are set to 755 and your files are set to 644 (Sometimes hackers like to change CHMOD permissions while they’re in there).
- Update your virus definitions on your anti-virus program and run a full system scan.
- Make sure your firewall is on.
I cannot stress enough- how important it is to use STRONG usernames and even STRONGER passwords! And if you ever get hacked- change all your passwords- just in case. You never know. Please use a password that is at least 12 or more characters long- both upper and lower case letters, numbers,spaces if allowed, and symbols. And do not use admin as your user name – EVER!
Here’s a quick video on managing your FTP accounts – with some helpful tips on adding and restricting user’s access. Say you need someone to fix something on your forum, BUT you don’t want to allow them access to your entire account. This video shows you how to do simple it is.