Today, hacking WordPress is a pretty dangerous common problem. It seems to me that out of 10 bloggers about 6 are exposed to either hacking their site or are infected with malware.
More and more views are earning content on how to avoid hacking WordPress, and every day there is the new material. Many readers ask how they can protect themselves. So, today I want to offer you a detailed story about everything I know about how to prevent a site from being hacked into WordPress and to avoid getting infected with malware.
1. History
2. Scanning the computer
3. Protecting WordPress
3.1 Changing passwords
3.2 Creating a backup copy of the blog
3.3 Installing security plug-ins
4. .htaccess
Read also : 17 Ways to Protect Your Website on WordPress
There are several reasons why I decided to write this article. First of all, I was in a situation where malicious software appeared on both hosts that I trusted. Yes, I know that this is completely unpleasant, especially because I try to prove myself in the role of a professional in that field. Nevertheless, that nothing is perfect, and we will never manage to stop hackers and spammers, but we can seriously annoy them, using the right strategies and code that will secure our blogs and sites.
In the title you saw the combination of “full leadership”, because I want to try to include as much as possible all the necessary information. I will update this record as I learn something new – I do not really want to write individual articles on each issue, and I want to collect all the information in one place so that in any situation you might be able to ask for help, using only one link. You can bookmark this page, and always return to it in the future if your blog is compromised.
There is very little difference between malware infection and hacking. Although, until your resource becomes mega-popular or until you have a personal disagreement with the hacker, I see no reason why your site may be susceptible to hacking. If the hacker wants, he can launch botnets, arrange a DDOS attack, and within a couple of seconds “put down” your site, and if you are using virtual hosting with other sites, then your chance to defend is approximately zero. But do not be scared at once. I say this only because often blogs infect malware or are hacked due to the presence of open security holes.
So what is this vulnerability in the security of our sites? First of all, most of us – bloggers or site owners – start with virtual hosting. There is nothing wrong with virtual hosting, and even I have accounts on three different servers. However, the downside here is that virtual hosting can be easily infected. Now remember that several other users also use the same server. You have the same ip server! Suppose that one of your neighbors just begins to go into the details of running your own site.
Read also : 9 WordPress Plugins For Malware Detection
There can be anything: a weak password, a badly protected blog on wordpress, or their own computer is infected with a trojan. In either case, the likelihood of the hacker gaining access to the server, placing malicious software on it, greatly increases the likelihood that the hacker will then spread to other blogs and sites hosted on the same hosting.
Before I tell you about the recent case of infecting my blog, I would like to assure you that hackers always have some kind of motive. As I said earlier, in most cases, when someone says that his site “hacked”, it means that he was infected with malware. Villains often scan sites for vulnerabilities … even too often. Especially if you have any disagreements with the hacker.
Simply , in most cases, hackers simply conduct a massive scan of the sites for a vulnerability, and then simply infect the server with malicious software, allowing infiltrations to infect other sites. Malicious software can be really troublesome for bloggers. Unlike the simple modification of the .htaccess file, which can easily be fixed, the software can get inside your scripts, into the template files, the database, etc.
In 80% of cases, people turn to specialists for assistance when their blog is compromised or infected. If you do not have good protection and knowledge in the field of databases and Javascript behind your back, then I very much doubt that you will manage to cope on your own. In fact, even I could not do everything to the end. One of the reasons was that I had several blogs on this virtual hosting, and it would take a lot of time to check and clean them all. I found the best solution, which I will tell you about later.
Now, since you already know what malware is and what it is capable of, let me begin my story. So, you already understood that some of my blogs have recently been infected. Who cares about this, right? No one cares about this, but I would like to share important information about how I discovered the invasion, and how I got rid of the malware.
Infected site
Read also : How to search for malicious code in WordPress
Almost 2 weeks ago, when I started to search for keywords to check the position of my site, I found a meta description near the link “This site can hurt your computer”. When I clicked on this link, google warned me that I was going to go to an infected site. When I saw this, I did not really understand what it was and how to fix it, because this was my first time. When I scanned the site using online antivirus, I found that several pages, including a file from the root directory, were infected with malicious software in javascript. My blog was also blacklisted by Google.
I was not intimidated by the fact that I got on the black list, because there are always ways to fix it. However, I was thrilled with the way it could affect my reputation and the attitude of users towards me. Imagine that you find a site in my Google search results with my name, which is marked as a dangerous viral site?
You probably will think that I’m some sort of spammer or worse. But you hardly think about the fact that I myself can be a victim, and even less likely to think about the fact that other blogs on our shared virtual hosting were infected, for example. This can really adversely affect the reputation of the owner of the blog. I think you can imagine such a picture.
After some research, I found a lot of extra stuff on the server. Remember, I said that in most cases hackers get access with the help of holes? In my case, it was not so.
I found that I downloaded the Trojan from some site that was running on my computer on Windows 7. Many people boast that they have the best antiviruses: Kaspersky, Avast, Nod 32 and so on. Let me tell you that I used most of them, and they all could not help me.
Now you are probably wondering about the fact that if Avast is so good, how did my computer get infected? Great question: I’m incredibly much on the Internet, and my computer on Windows is running 24/7. Avast has automatic protection, and site locking is always on.
Unfortunately, a couple of weeks ago, after updating Avast, I found a bug that disabled protection with blocking sites. I did not notice this, or maybe even ignored, not thinking about how seriously everything could be serious. I was wrong.
I used Avast on 2 of my computers running on Windows for 1.5 years already and, judging from my personal research, this tool protects against quite a lot of mucks. Nothing is perfect, but if I had to choose an antivirus again, I would still choose Avast.
After scanning the system, I found that my PC was infected with an incredibly malicious rootkit trojan. Rootkits are terrible. For more details, I recommend contacting Google. They hide, allowing hackers to gain control over some programs and run without your knowledge. In my case, I had the opportunity to remove the rootkit using a scanner from DrWeb (link below), but unfortunately, this rootkit also installed malware on my server.
Yes, you read it right. Let’s assume that there is a Trojan on my PC, and I do not know about it. I use an FTP client like filezilla to authenticate to the server. In this case, the Trojan is able to steal your authorization data, and then directly download malware to the server.
Scanning, detecting and fixing malware
Read also : How to remove a virus or malicious code from WordPress?
Who can be blamed here? A beginner on your virtual hosting? You yourself? Hacker? Or an antivirus? Let’s not blame anyone, and instead will try to be responsible and vigilant. At the moment I can not provide you with a comprehensive guide on how to remove malware from the server, as, as I already mentioned, scan your PC first using the free soft from DrWeb and remove all malicious software that you find (if you find it). Your computer must be protected in the first place, since it can act as an access point through which an attacker enters your server
We protect WordPress from malicious software
Now that you’ve got rid of the malware that infected your blog, you can start installing several plug-ins and tweaking some of the codes. Let’s get started!
Change passwords
If your blog has been infected, there is a high probability that your password was also exposed. Log in to cPanel and change all passwords. Try to use symbols in different case, and also use special symbols and numbers. I recommend that you use all the options. The same advice, I gave in the article about the first steps in hacking the site.
After you figure out the passwords in cpanel, it’s time to change the password to log in to WordPress. Again, I recommend that you use something new, unique. By the way, in order not to forget passwords and store them in a safe place, I recommend using the Kaspersky Password Manager – Kaspersky Password Manager, it made life much simpler for me. It autocomplete forms of authorization on the site and in programs and encrypts the entire password database. I think that I spent 30$ on it for nothing.
Create a backup of your entire WordPress blog
This is the most important stage, and it can not be ignored. I remember talking to a security specialist on the Internet, and he told me that you can not even be afraid of anything if there is a backup copy of the site in stock. I then froze for a moment, and this phrase was deposited in my memory, because I did not have a backup … The benefit at that time was that my blog was very small, but I tried to imagine how sad the situation would be if it was a blog with tons of information and content.
Although most webhosts make backup copies of information from servers, it is better to insure yourself.
Installing security plug-ins
Now that you have a full backup of your blog on WordPress, you do not have to worry about anything, since you can always restore the normal version. Now it’s time to sort out the plugins for site security.
1. WP Security Scanner
This is a lightweight scanner from Website Defender. Install it and just go through the steps. There is an option that allows you to rename the table prefix in the database. Change it to something that will be hard to guess. Usually WordPress is installed with the prefix wp_. This makes it easier for hackers to identify weak databases, through which penetration can be realized.
2. Better WP Security
Better WP Security includes the best WordPress security features. This plugin is able to offer you almost everything you need, and it should be the # 1 plug-in for every blogger. Ask “why?”. Yes, because with just one click you can activate many necessary system security features for advanced users, the plug-in will create and upgrade .htaccess itself in such a way as to increase the security of your blog.
You do not have to manually create .htaccess and take care of the codes. Allow the plug-in to do everything for you. L above, in most cases it will be easier for you to simply use the services of some specialist. I’m not saying that it’s impossible to do on your own, I’m just trying to better protect your sites and blogs on wordpress.
Scanning, detecting and fixing malware
After installing and activating the plug-in, we need to do something else. First of all, you will need to enable “secure from basic attack” in one click, and see how many green and blue items you will be displayed. Both colors report that everything is OK! Green is responsible for excellent protection, and blue tells you that you can make this item green, but then some plug-ins will not work and so you can leave everything in its place. A red color indicates a danger.
Now click on the “hide backend” tab and enable this option. The “hide backend” function changes the URL where you can access the internal interface of WordPress.
If you have just installed the latest version of WordPress, I recommend that you click on the “Content Directory” tab, and change the directory name. This will add one more level of security. But do it only if your blog is absolutely new! Remember that if you change the directory on an already running blog, most links will stop working.
The main task here is to change the codes to improve security. Play with the options, and see which option suits you the most. For example, I can change all blue items to green, since this will not affect the performance of my blog or installed plug-ins. However, the same settings can significantly affect the performance of your blog or template. As I already said, the trial and error works well here. Today I told you about important steps, and it’s up to you whether you do it or not.
Verdict
I do not even know whether to rejoice or grieve over the fact that my blogs are hacked and infected. Sometimes I think that if my blog were not hacked, then I would not have thought about writing such an article, and then my readers would not know about my experience, because all that I write is my personal experience and the stages I’ve gone through in life and our common cause.
As I said before, there is no full-fledged guaranteed way to protect your blog, but if you take any steps to protect it, you will succeed. You will not take more than a couple of hours to do everything described in this article, and in the future it will bring you huge benefits! Now go, and protect your blog from the villains! (Keep in mind that in some cases a simple WordPress version Update can delete all the viruses on your site because all the wp files are re writed)
