Is the Plugin correctly configured

This topic is: not resolved

This topic has 2 replies, 2 voices, and was last updated 6 years ago by Suman M..

Viewing 3 posts - 1 through 3 (of 3 total)

Save

Author

Posts
July 22, 2019 at 10:23 am #26963

zoomtis

Hello Hide my IP, I have just bought your plugin to protect my website because i have been attacked many times

I have been noticed by google that someone install something wrong on my website and they send me the links below:

https://www.willyexpress[.]lu/wp-includes/cgi/pi/445cccfa249023c63aa847ea8fb52c3f/bwf58nx40l9ys7a32twev4yd.php

https://www.willyexpress[.]lu/wp-includes/cgi/pi/445cccfa249023c63aa847ea8fb52c3f/bwf58nx40l9ys7a32twev4yd.php

I just want to configure the plugin so that nobody could attack my website again and hop that your plugin can do it.

The file most attacked is /wp-includes.

Secondly I receive many message from the plugin informing me that my website is maybe attacked.
Find below the message:

The following potential attack has been detected by HMWP IDS.

If it’s you please Exclude that parameter or increase Notify Threshold from IDS settings.
In most cases you don’t need to do anything. Hide My WP protects you!

IP: 91.214.44.154
User ID:
Date: 2019-07-22T10:01:01+00:00
Total Impact: 86
Affected tags: xss csrf id rfe sqli dos lfi format string

Affected parameters: REQUEST.options=box_id%3DWooZone_amazon%26amp%3Bbox_nonce%3Db2a3d57d1d%26amp%3Bonsite_cart%3Dno%26amp%3B90day_cookie%3Dno%26amp%3Bproduct_buy_is_amazon_url%3Dno%26amp%3Bproduct_url_short%3Dno%26amp%3Bfrontend_hide_onsale_default_badge%3Dno%26amp%3Bfrontend_show_free_shipping%3Dno%26amp%3Bbadges_box_position%3Dtop_right%26amp%3Bbadges_box_offset_vertical%3D%26amp%3Bbadges_box_offset_horizontal%3D%26amp%3Bbadges_activated%255B%255D%3Damazonprime%26amp%3Bdisable_amazon_checkout%3Dno%26amp%3Bdropshiptax_activate%3Dno%26amp%3Bdropshiptax_type%3Dproc%26amp%3Bdropshiptax_value%3D0%26amp%3Broundedprices_activate%3Dno%26amp%3Broundedprices_direction%3Dalways_up%26amp%3Broundedprices_decimals%3D0%26amp%3Broundedprices_marketing%3Dno%26amp%3Bnocheckout_show_what%255B%255D%3Dsyncfront_activate%26amp%3Bnocheckout_show_what%255B%255D%3Dshow_review_tab%26amp%3Bshow_free_shipping_details_link%3Dno%26amp%3Bgdpr_rules_is_activated%3Dno%26amp%3Bproducts_force_delete%3Dyes%26amp%3Bservices_used_forip%3Dwww.geoplugin.net%26amp%3Bcharset%3D%26amp%3Bfrontend_show_coupon_text%3Dyes%26amp%3Bcheckout_email%3Dno%26amp%3Bcheckout_email_mandatory%3Dno%26amp%3Bitem_attribute%3Dyes%26amp%3Battr_title_normalize%3Dno%26amp%3Bprice_setup%3Damazon_or_sellers%26amp%3Bmerchant_setup%3Damazon_or_sellers%26amp%3Bimport_price_zero_products%3Dno%26amp%3Bproduct_variation%3Dyes_4%26amp%3Bdefault_import%3Dpublish%26amp%3Bimport_type%3Ddefault%26amp%3Bratio_prod_validate%3D90%26amp%3Bcron_number_of_images%3D100%26amp%3Bnumber_of_images%3D10%26amp%3Brename_image%3Dproduct_title%26amp%3Bremove_gallery%3Dno%26amp%3Bremove_featured_image_from_gallery%3Dno%26amp%3Bshow_short_description%3Dyes%26amp%3Bshow_review_tab%3Dyes%26amp%3Bredirect_checkout_msg%3DVous%2B%25C3%25AAtes%2Bdirig%25C3%25A9%2Bvers%2B%257Bamazon_website%257D%2Bpour%2Beffectuer%2Bvotre%2Bcommande%21%26amp%3Bredirect_time%3D3%26amp%3Bproduct_buy_text%3DACHETEZ%2BSUR%2BAMAZON%2B%28CLIQUEZ%2BICI%29%26amp%3Bproduct_buy_custom_classes%3D%26amp%3Bproduct_buy_button_open_in%3D_self%26amp%3Bproduct_buy_text_ebay%3D%26amp%3Bproduct_buy_custom_classes_ebay%3D%26amp%3Bproduct_buy_button_open_in_ebay%3D_self%26amp%3Bspin_at_import%3Dno%26amp%3Bspin_max_replacements%3D10%26amp%3Bcreate_only_parent_category%3Dno%26amp%3Bvariation_force_parent%3Dyes%26amp%3Bremote_amazon_images%3Dyes%26amp%3Bclean_log_tables%3Dclear_all%26amp%3Bclean_duplicate_attributes%3DYES%26amp%3Bclean_duplicate_category_slug%3DYES%26amp%3Bdelete_zeropriced_products%3DYES%26amp%3Bclean_orphaned_amz_meta%3DYES%26amp%3Bclean_orphaned_prod_assets%3DYES%26amp%3Bclean_orphaned_prod_assets_wp%3DYES%26amp%3Bfix_product_attributes%3DYES%26amp%3Bfix_node_childrens%3DYES%26amp%3Bprotocol%3Dauto%26amp%3Bcountry%3Dfr%26amp%3BAccessKeyID%3D%26amp%3BSecretAccessKey%3D%26amp%3BAffiliateID%255Bcom%255D%3D%26amp%3BAffiliateID%255Buk%255D%3Dwillyexpressu-21%26amp%3BAffiliateID%255Bde%255D%3Dzoomtisdeutsc-21%26amp%3BAffiliateID%255Bfr%255D%3Dwillyexpresslu2019-21%26amp%3BAffiliateID%255Bjp%255D%3D%26amp%3BAffiliateID%255Bca%255D%3D%26amp%3BAffiliateID%255Bcn%255D%3D%26amp%3BAffiliateID%255Bin%255D%3D%26amp%3BAffiliateID%255Bit%255D%3D%26amp%3BAffiliateID%255Bes%255D%3D%26amp%3BAffiliateID%255Bmx%255D%3D%26amp%3BAffiliateID%255Bbr%255D%3D%26amp%3BAffiliateID%255Bau%255D%3D%26amp%3BAffiliateID%255Bae%255D%3D%26amp%3Bmain_aff_id%3Dfr%26amp%3Bamazon_requests_rate%3D1%26amp%3Bfix_issue_request_amazon%3DYES%26amp%3Bfix_issue_sync%255Btrash_tries%255D%3D1%26amp%3Bfix_issue_sync%255Brestore_status%255D%3Dpublish%26amp%3Breset_products_stats%3DYES%26amp%3Boptions_prefix_change%3Duse_new%26amp%3Bunblock_cron%3DYES%26amp%3Bproductinpost_additional_images%3Dyes%26amp%3Bproductinpost_extra_css%3D%26amp%3Bproduct_countries%3Dno%26amp%3Bproduct_countries_main_position%3Dbefore_add_to_cart%26amp%3Bproduct_countries_maincart%3Dno%26amp%3Bproduct_countries_countryflags%3Dno%26amp%3Bdelete_attachments_at_delete_post%3Dno%26amp%3Bcross_selling%3Dyes%26amp%3Bcross_selling_nbproducts%3D3%26amp%3Bcross_selling_choose_variation%3Dfirst%26amp%3Bstring_trans%255B%255D%3D%26amp%3Bstring_trans%255B%255D%3DArticles%2Bsouvent%2Bachet%25C3%25A9s%2Bensemble%26amp%3Bstring_trans%255B%255D%3DPrix%2Bdu%2Bpack%26amp%3Bstring_trans%255B%255D%3DCe%2Bproduit%26amp%3Bstring_trans%255B%255D%3DAvis%2BClients%2BAmazon%26amp%3Bstring_trans%255B%255D%3DLivraison%2Bgratuite%26amp%3Bstring_trans%255B%255D%3DDetails%26amp%3Bstring_trans%255B%255D%3DT%25C3%25A9l%25C3%25A9chargement…%26amp%3Bstring_trans%255B%255D%3DIndisponible%26amp%3Bstring_trans%255B%255D%3DDisponible%26amp%3Bstring_trans%255B%255D%3DVous%2Bdevez%2Bv%25C3%25A9rifiez%2Bou%2Bannuler%2Btoutes%2Bles%2Bboutiques%2Bamazon%21%26amp%3Bstring_trans%255B%255D%3Dall%2Bgood%26amp%3Bstring_trans%255B%255D%3DAnnul%25C3%25A9%26amp%3Bstring_trans%255B%255D%3Dcheckout%2Bdone%26amp%3Bstring_trans%255B%255D%3DSaving…%26amp%3Bstring_trans%255B%255D%3DFermeture…%26amp%3Bstring_trans%255B%255D%3DAjouter%2Bau%2BPanier%26amp%3Bstring_trans%255B%255D%3DAchetez%26amp%3Bstring_trans%255B%255D%3DPrix%253A%26amp%3Bstring_trans%255B%255D%3DImages%2Badditionnelles%253A%26amp%3Bstring_trans%255B%255D%3DVoir%2Ben%2Bplus%2Bgrand%26amp%3Bstring_trans%255B%255D%3DAjouter%2Bdes%2Bproduits%26amp%3Bstring_trans%255B%255D%3DPlease%2Bfirst%2Bselect%2Ba%2Bproduct%2Bfrom%2Bthe%2Bleft%2Bside%26amp%3Bstring_trans%255B%255D%3DProduits%2Bchoisis%26amp%3Bimport_product_offerlistingid_missing%3Dyes%26amp%3Bimport_product_variation_offerlistingid_missing%3Dyes%26amp%3Bproduct_offerlistingid_missing_external%3Dno%26amp%3Bproduct_offerlistingid_missing_delete%3Dno%26amp%3Breset_sync_stats%3Dyes%26amp%3Bforce_disable_images_srcset%3Dyes%26amp%3Bdebug_bar_activate%3Dno%26amp%3Bdebug_ip%3D%26amp%3Bshow_availability_icon%3Dyes%26amp%3Bpptos_activate%3Dno%26amp%3Basof_font_size%3D0.6%26amp%3Bpptos_provider_activated%255B%255D%3Damazon%26amp%3Bpptos_tpl%3Dv1%26amp%3Bbadges_activated-available%255B%255D%3D%26amp%3Bbadges_activated%255B%255D%3Damazonprime%26amp%3Bnocheckout_show_what-available%255B%255D%3D%26amp%3Bnocheckout_show_what%255B%255D%3Dsyncfront_activate%26amp%3Bselected_attributes-available%255B%255D%3D%26amp%3Bselected_attributes%255B%255D%3D%26amp%3Bimages_sizes_allowed-available%255B%255D%3D%26amp%3Bimages_sizes_allowed%255B%255D%3D%26amp%3Bpptos_provider_activated-available%255B%255D%3D%26amp%3Bpptos_provider_activated%255B%255D%3Damazon, POST.options=box_id%3DWooZone_amazon%26amp%3Bbox_nonce%3Db2a3d57d1d%26amp%3Bonsite_cart%3Dno%26amp%3B90day_cookie%3Dno%26amp%3Bproduct_buy_is_amazon_url%3Dno%26amp%3Bproduct_url_short%3Dno%26amp%3Bfrontend_hide_onsale_default_badge%3Dno%26amp%3Bfrontend_show_free_shipping%3Dno%26amp%3Bbadges_box_position%3Dtop_right%26amp%3Bbadges_box_offset_vertical%3D%26amp%3Bbadges_box_offset_horizontal%3D%26amp%3Bbadges_activated%255B%255D%3Damazonprime%26amp%3Bdisable_amazon_checkout%3Dno%26amp%3Bdropshiptax_activate%3Dno%26amp%3Bdropshiptax_type%3Dproc%26amp%3Bdropshiptax_value%3D0%26amp%3Broundedprices_activate%3Dno%26amp%3Broundedprices_direction%3Dalways_up%26amp%3Broundedprices_decimals%3D0%26amp%3Broundedprices_marketing%3Dno%26amp%3Bnocheckout_show_what%255B%255D%3Dsyncfront_activate%26amp%3Bnocheckout_show_what%255B%255D%3Dshow_review_tab%26amp%3Bshow_free_shipping_details_link%3Dno%26amp%3Bgdpr_rules_is_activated%3Dno%26amp%3Bproducts_force_delete%3Dyes%26amp%3Bservices_used_forip%3Dwww.geoplugin.net%26amp%3Bcharset%3D%26amp%3Bfrontend_show_coupon_text%3Dyes%26amp%3Bcheckout_email%3Dno%26amp%3Bcheckout_email_mandatory%3Dno%26amp%3Bitem_attribute%3Dyes%26amp%3Battr_title_normalize%3Dno%26amp%3Bprice_setup%3Damazon_or_sellers%26amp%3Bmerchant_setup%3Damazon_or_sellers%26amp%3Bimport_price_zero_products%3Dno%26amp%3Bproduct_variation%3Dyes_4%26amp%3Bdefault_import%3Dpublish%26amp%3Bimport_type%3Ddefault%26amp%3Bratio_prod_validate%3D90%26amp%3Bcron_number_of_images%3D100%26amp%3Bnumber_of_images%3D10%26amp%3Brename_image%3Dproduct_title%26amp%3Bremove_gallery%3Dno%26amp%3Bremove_featured_image_from_gallery%3Dno%26amp%3Bshow_short_description%3Dyes%26amp%3Bshow_review_tab%3Dyes%26amp%3Bredirect_checkout_msg%3DVous%2B%25C3%25AAtes%2Bdirig%25C3%25A9%2Bvers%2B%257Bamazon_website%257D%2Bpour%2Beffectuer%2Bvotre%2Bcommande%21%26amp%3Bredirect_time%3D3%26amp%3Bproduct_buy_text%3DACHETEZ%2BSUR%2BAMAZON%2B%28CLIQUEZ%2BICI%29%26amp%3Bproduct_buy_custom_classes%3D%26amp%3Bproduct_buy_button_open_in%3D_self%26amp%3Bproduct_buy_text_ebay%3D%26amp%3Bproduct_buy_custom_classes_ebay%3D%26amp%3Bproduct_buy_button_open_in_ebay%3D_self%26amp%3Bspin_at_import%3Dno%26amp%3Bspin_max_replacements%3D10%26amp%3Bcreate_only_parent_category%3Dno%26amp%3Bvariation_force_parent%3Dyes%26amp%3Bremote_amazon_images%3Dyes%26amp%3Bclean_log_tables%3Dclear_all%26amp%3Bclean_duplicate_attributes%3DYES%26amp%3Bclean_duplicate_category_slug%3DYES%26amp%3Bdelete_zeropriced_products%3DYES%26amp%3Bclean_orphaned_amz_meta%3DYES%26amp%3Bclean_orphaned_prod_assets%3DYES%26amp%3Bclean_orphaned_prod_assets_wp%3DYES%26amp%3Bfix_product_attributes%3DYES%26amp%3Bfix_node_childrens%3DYES%26amp%3Bprotocol%3Dauto%26amp%3Bcountry%3Dfr%26amp%3BAccessKeyID%3D%26amp%3BSecretAccessKey%3D%26amp%3BAffiliateID%255Bcom%255D%3D%26amp%3BAffiliateID%255Buk%255D%3Dwillyexpressu-21%26amp%3BAffiliateID%255Bde%255D%3Dzoomtisdeutsc-21%26amp%3BAffiliateID%255Bfr%255D%3Dwillyexpresslu2019-21%26amp%3BAffiliateID%255Bjp%255D%3D%26amp%3BAffiliateID%255Bca%255D%3D%26amp%3BAffiliateID%255Bcn%255D%3D%26amp%3BAffiliateID%255Bin%255D%3D%26amp%3BAffiliateID%255Bit%255D%3D%26amp%3BAffiliateID%255Bes%255D%3D%26amp%3BAffiliateID%255Bmx%255D%3D%26amp%3BAffiliateID%255Bbr%255D%3D%26amp%3BAffiliateID%255Bau%255D%3D%26amp%3BAffiliateID%255Bae%255D%3D%26amp%3Bmain_aff_id%3Dfr%26amp%3Bamazon_requests_rate%3D1%26amp%3Bfix_issue_request_amazon%3DYES%26amp%3Bfix_issue_sync%255Btrash_tries%255D%3D1%26amp%3Bfix_issue_sync%255Brestore_status%255D%3Dpublish%26amp%3Breset_products_stats%3DYES%26amp%3Boptions_prefix_change%3Duse_new%26amp%3Bunblock_cron%3DYES%26amp%3Bproductinpost_additional_images%3Dyes%26amp%3Bproductinpost_extra_css%3D%26amp%3Bproduct_countries%3Dno%26amp%3Bproduct_countries_main_position%3Dbefore_add_to_cart%26amp%3Bproduct_countries_maincart%3Dno%26amp%3Bproduct_countries_countryflags%3Dno%26amp%3Bdelete_attachments_at_delete_post%3Dno%26amp%3Bcross_selling%3Dyes%26amp%3Bcross_selling_nbproducts%3D3%26amp%3Bcross_selling_choose_variation%3Dfirst%26amp%3Bstring_trans%255B%255D%3D%26amp%3Bstring_trans%255B%255D%3DArticles%2Bsouvent%2Bachet%25C3%25A9s%2Bensemble%26amp%3Bstring_trans%255B%255D%3DPrix%2Bdu%2Bpack%26amp%3Bstring_trans%255B%255D%3DCe%2Bproduit%26amp%3Bstring_trans%255B%255D%3DAvis%2BClients%2BAmazon%26amp%3Bstring_trans%255B%255D%3DLivraison%2Bgratuite%26amp%3Bstring_trans%255B%255D%3DDetails%26amp%3Bstring_trans%255B%255D%3DT%25C3%25A9l%25C3%25A9chargement…%26amp%3Bstring_trans%255B%255D%3DIndisponible%26amp%3Bstring_trans%255B%255D%3DDisponible%26amp%3Bstring_trans%255B%255D%3DVous%2Bdevez%2Bv%25C3%25A9rifiez%2Bou%2Bannuler%2Btoutes%2Bles%2Bboutiques%2Bamazon%21%26amp%3Bstring_trans%255B%255D%3Dall%2Bgood%26amp%3Bstring_trans%255B%255D%3DAnnul%25C3%25A9%26amp%3Bstring_trans%255B%255D%3Dcheckout%2Bdone%26amp%3Bstring_trans%255B%255D%3DSaving…%26amp%3Bstring_trans%255B%255D%3DFermeture…%26amp%3Bstring_trans%255B%255D%3DAjouter%2Bau%2BPanier%26amp%3Bstring_trans%255B%255D%3DAchetez%26amp%3Bstring_trans%255B%255D%3DPrix%253A%26amp%3Bstring_trans%255B%255D%3DImages%2Badditionnelles%253A%26amp%3Bstring_trans%255B%255D%3DVoir%2Ben%2Bplus%2Bgrand%26amp%3Bstring_trans%255B%255D%3DAjouter%2Bdes%2Bproduits%26amp%3Bstring_trans%255B%255D%3DPlease%2Bfirst%2Bselect%2Ba%2Bproduct%2Bfrom%2Bthe%2Bleft%2Bside%26amp%3Bstring_trans%255B%255D%3DProduits%2Bchoisis%26amp%3Bimport_product_offerlistingid_missing%3Dyes%26amp%3Bimport_product_variation_offerlistingid_missing%3Dyes%26amp%3Bproduct_offerlistingid_missing_external%3Dno%26amp%3Bproduct_offerlistingid_missing_delete%3Dno%26amp%3Breset_sync_stats%3Dyes%26amp%3Bforce_disable_images_srcset%3Dyes%26amp%3Bdebug_bar_activate%3Dno%26amp%3Bdebug_ip%3D%26amp%3Bshow_availability_icon%3Dyes%26amp%3Bpptos_activate%3Dno%26amp%3Basof_font_size%3D0.6%26amp%3Bpptos_provider_activated%255B%255D%3Damazon%26amp%3Bpptos_tpl%3Dv1%26amp%3Bbadges_activated-available%255B%255D%3D%26amp%3Bbadges_activated%255B%255D%3Damazonprime%26amp%3Bnocheckout_show_what-available%255B%255D%3D%26amp%3Bnocheckout_show_what%255B%255D%3Dsyncfront_activate%26amp%3Bselected_attributes-available%255B%255D%3D%26amp%3Bselected_attributes%255B%255D%3D%26amp%3Bimages_sizes_allowed-available%255B%255D%3D%26amp%3Bimages_sizes_allowed%255B%255D%3D%26amp%3Bpptos_provider_activated-available%255B%255D%3D%26amp%3Bpptos_provider_activated%255B%255D%3Damazon,

Request URI: /wp-admin/admin-ajax.php
Origin: 10.81.0.217

** Just to inform you that it is not an attack but my plugin WZONE, please configure the plugin not to block the WZONE plugin because I have noticed that since I have install hide my wp I can’t submit changes in the Wzone plugin.
————
Before getting access to wordpress admin a security password will be requested.

Hello team here are the first credentials before WordPress credentials. it is for security.

Username: sbszua
Password: Bzmdud5JIrFGdoM3Ng

Hope to hearing from you soon,
wilfried

July 22, 2019 at 12:30 pm #26966
Suman M.
Post count: 12480
Hi, to let you know no plugin or tool can assure you 100% security, they can only minimize the risks/hacks. The main aim of HMWP plugin is to hide the fact that the site uses wordpress, which will prevent from the bots especially designed to attack WP sites. Also it has Intrusion detection system that will block malicious requests coming to the site.

We recommend you to use another security plugin like Wordfence along with HMWP for better security.

Regarding the messages received, HMWP IDS detects malicious requests coming to your site and notify you about it. But all these requests might not be harmful and you need not worry as HMWP IDS will take care of this and will block the malicious requests if Impact level is more than 20 (default value specified in HMWP IDS). You can stop receiving emails regarding this by setting “Notification Threshold” option to 0 in IDS Firewall tab.
- This reply was modified 6 years ago by Suman M..
July 22, 2019 at 12:41 pm #26968

Suman M.
Post count: 12480

This reply has been marked as private.
Author

Posts

Viewing 3 posts - 1 through 3 (of 3 total)

Save

You must be logged in to reply to this topic.