Related

Tool NGINX Config Generator Tool
How to hide .user.ini in my NGINX server to use Wordfence in Wordpress? Question Question
Connect to DB installed into dedicated VPS (private networking) Question Question

Question

WordPress site compromised before completing installation

Posted June 8, 2020 713 views
NginxWordPressSecurity

I was just starting out with setting up my WordPress website (LEMP stack), and I left my site on the /wp-admin/install.php page for me to continue the next day. When I checked on it today, it was installed without me, showing a messy layout and huge random Vietnamese text. Since I didn’t set up the installation, I didn’t create a WordPress account, so I don’t think I can log in. It doesn’t redirect me to any other site, and Google hasn’t marked the site as insecure.

I’ve checked the site on hack scanners like http://sitecheck.sucuri.net/ http://isithacked.com/ http://www.unmaskparasites.com/ and it seems fine. Only Sitecheck says Nginx is outdated, though.

I admit I was still just in the middle of putting security measures in place. Do I continue doing so? Is there anything in particular I should do?

Add a comment
By:
NoodlesYum
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
bobbyiliev June 8, 2020

Hi there @NoodlesYum,

If this was a fresh new Droplet, I would recommend deleting it and deploying a new one, as the person who finalized the installation for you might have uploaded a backdoor and it would be quicker for you to deploy a new server rather than start looking for malicious files.

Hope that this helps!
Regards,
Bobby

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help