Related

Tool NGINX Config Generator Tool
Connect to DB installed into dedicated VPS (private networking) Question Question
Running a web-based video game on a droplet Question Question

Question

WordPress site compromised before completing installation

Posted June 8, 2020 608 views
NginxWordPressSecurity

I was just starting out with setting up my WordPress website (LEMP stack), and I left my site on the /wp-admin/install.php page for me to continue the next day. When I checked on it today, it was installed without me, showing a messy layout and huge random Vietnamese text. Since I didn’t set up the installation, I didn’t create a WordPress account, so I don’t think I can log in. It doesn’t redirect me to any other site, and Google hasn’t marked the site as insecure.

I’ve checked the site on hack scanners like http://sitecheck.sucuri.net/ http://isithacked.com/ http://www.unmaskparasites.com/ and it seems fine. Only Sitecheck says Nginx is outdated, though.

I admit I was still just in the middle of putting security measures in place. Do I continue doing so? Is there anything in particular I should do?

Add a comment
By:
NoodlesYum
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
bobbyiliev June 8, 2020

Hi there @NoodlesYum,

If this was a fresh new Droplet, I would recommend deleting it and deploying a new one, as the person who finalized the installation for you might have uploaded a backdoor and it would be quicker for you to deploy a new server rather than start looking for malicious files.

Hope that this helps!
Regards,
Bobby

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help