{"id":2302,"date":"2021-05-25T13:22:36","date_gmt":"2021-05-25T11:22:36","guid":{"rendered":"https:\/\/www.h-hennes.fr\/blog\/?p=2302"},"modified":"2021-05-25T13:23:14","modified_gmt":"2021-05-25T11:23:14","slug":"wordpress-hacke-que-faire","status":"publish","type":"post","link":"https:\/\/www.h-hennes.fr\/blog\/2021\/05\/25\/wordpress-hacke-que-faire\/","title":{"rendered":"WordPress hack\u00e9 , que faire ?"},"content":{"rendered":"\n

Suite \u00e0 la remarque d’un visiteur ( que je remercie encore au passage ), j’ai d\u00e9couvert r\u00e9cemment que le blog avait \u00e9t\u00e9 hack\u00e9 et que du contenu de spam \u00e9tait h\u00e9berg\u00e9 sur mon domaine.
Ce blog comme beaucoup d’autres utilise WordPress, et \u00e0 la fois la version globale de WordPress et les plugins sont mis \u00e0 jour r\u00e9guli\u00e8rement.
Je n’ai pas trouv\u00e9 quelle est la faille initiale qui a permis l’envoi de fichier compromis.
En revanche voici comment j’ai proc\u00e9d\u00e9 pour corriger.<\/p>\n\n\n\n

Installer le plugin WordFence<\/h3>\n\n\n\n

Apr\u00e8s quelques jour du jeu de la chat et la souris de suppression manuelle des fichiers qui revenaient quelques heures plus tard, je me suis d\u00e9cid\u00e9 \u00e0 chercher un plugin qui pourrait corriger cela tout seul.

J’ai trouv\u00e9 Wordfence<\/strong> : https:\/\/fr.wordpress.org\/plugins\/wordfence\/<\/a> qui est not\u00e9 plus de 4,5\/5 sur pr\u00e8s de 4 millions d’installations.
C’est un module freenium ( version gratuite mais avec des fonctionnalit\u00e9 avanc\u00e9es payantes)
La version gratuite est tout \u00e0 fait suffisante.
L’outil permets de faire directement un scan des fichiers du core wordpress ainsi que de l’ensemble des plugins install\u00e9s:
Il identifie l’ensemble des fichiers modifi\u00e9s et permets de visualiser les diff\u00e9rences, et m\u00eame de corriger et nettoyer les fichiers directement depuis le back office en un clic.<\/p>\n\n\n\n

\"\"<\/a><\/figure>\n\n\n\n

Apr\u00e8s avoir mis en place l’ensemble des pr\u00e9conisations du module, je n’ai plus constat\u00e9 de probl\u00e8mes depuis plusieurs semaines \ud83d\ude42
J’ai \u00e9t\u00e9 assez agr\u00e9ablement surpris d’avoir r\u00e9gl\u00e9 le probl\u00e8me plut\u00f4t facilement, mais je continue cependant \u00e0 suivre ce qu’il se passe.<\/p>\n\n\n\n

Suppression du spam de google<\/h3>\n\n\n\n

Dans mon cas j’ai eut \u00e9norm\u00e9ment de pages avec des contenus de spam sur des sujets tendances index\u00e9s.
Une fois ces pages dans l’index, il faut demander leur suppression via la search console.
Par chance ceux-ci avait \u00e9t\u00e9 plac\u00e9 dans des sous-dossiers, ce qui permets de faire une demande de suppression pour toutes les urls avec le pr\u00e9fixe.
En revanche apr\u00e8s pas de miracles il faut le temps que google supprime tous les donn\u00e9es et \u00e7a prends un peu de temps.<\/p>\n\n\n\n

\"\"<\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"

Suite \u00e0 la remarque d’un visiteur ( que je remercie encore au passage ), j’ai d\u00e9couvert r\u00e9cemment que le blog avait \u00e9t\u00e9 hack\u00e9 et que du contenu de spam \u00e9tait h\u00e9berg\u00e9 sur mon domaine.Ce blog comme beaucoup d’autres utilise WordPress, et \u00e0 la fois la version globale de WordPress et les plugins sont mis \u00e0 […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[6],"tags":[571,259,480],"class_list":["post-2302","post","type-post","status-publish","format-standard","hentry","category-trucs-et-astuces","tag-hack","tag-spam","tag-wordpress"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/2302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/comments?post=2302"}],"version-history":[{"count":3,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/2302\/revisions"}],"predecessor-version":[{"id":2307,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/posts\/2302\/revisions\/2307"}],"wp:attachment":[{"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/media?parent=2302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/categories?post=2302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.h-hennes.fr\/blog\/wp-json\/wp\/v2\/tags?post=2302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}