Someone Tried Hacking My Site

[hostmydomain]

I went to login to admin and it said i entered the wrong password? Tried again, Then on the 3rd time i got banned.

 

I went to my email account and someone was trying to login, They then asked for a new password to be sent (reason why my password did not work), I waited until ban was over, Logged in and changed all passwords to whmcs, Ftp, Email and so on.

 

Checked all files to makes sure nothing had changed, I have now banned the recorded ip address and limited admin to my ip only.

 

All the best

[BryanB]

Ok.. you should probably change the name of your admin folder too so it can't be found as easily.

[jeremyhaber]

Yes you should change the admin folder name: http://wiki.whmcs.com/Further_Security_Steps

 

As well block that users IP. It should be in one of your logs or your emails notifications.

[merlinpa1969]

in your admin htaaccess put in a deny all and then allow from the Ips that you want to let in

[hostmydomain]

Hi,

 

Yes, Just done the .htaccess file in admin, Will look into admin and other folders.

 

All the best people & thanks.

[hostmydomain]

I have also added a ssl now and will use when in admin area, Also going to make a point that members of my site keep there scripts up to date.

 

All the best