Tidy the server from X-ransom attack

Hello, Our Wordpress website was attacked by x-ransom. We have a backup of the WP and the database dump. We have detected some corrupted files there but it seems that there are still some left that were not detected. It has to be tidy after the attack.

It’s an internet shop with uploads files of around 100GB. It’s stored on a private hosting in LV.

What is done do far:

1. Update WordPress Version

2. Use z’d updateSecure WP-Admin Credentials

3. Set Up Safelist and Blocklist for the Admin Page

4. Use Trusted WordPress Themes

5. Install SSL Certificate

6. Remove Unused WordPress Plugins and Themes

7. Enable Two-Factor Authentication for WP-Admin

8. Back Up WordPress

9. Limit Attempts

10. Change the WordPress Page URL

11. Log Idle Users Out Automatically

12. Monitor User Activity

13. Check for Malware - found several none-Wordpress specious files and plugins. Deleted them.

14. Disable PHP Error Reporting

15. Turn File Editing Off

16. Restrict Access Using the.htaccess File

17. Change the Default WordPress Database Prefix - not done

18. Disable XML-RPC

19. Hide the WordPress Version

20. Block Hotlinking - not done

21. Manage File Permissions not done

After making the list, we received another x-ransome attack. I suspect he has a server level access not only wp level. If you apply, you need to be a server security and a Wordpress specialist. Please, quote for the job.

Budget: EUR 100 (Fixed Price)

Proposals: 28 freelancers have applied