This morning I learned that serious vulnerability has been found in WordPress core and that updating fast is critical! WordPress released a new version 3.4.2 yesterday that besides the essential security fixes also have a few functional bug-fixes. Failing to prioritize an upgrade like this may be an invitation for hackers, but make sure you follow the upgrade guideline and that you make a full backup before proceeding!
Typically hackers seek to use WordPress websites as a platform to distribute malware and steal traffic and the huge popularity of WordPress makes it an ideal target. Many blogs have a good deal of traffic and once a vulnerability is known it is possible to write programs that systematically scan WordPress websites for the invulnerability.
Once a site has been affected it is unfortunately quite difficult to identify the malware and find the many back-doors hackers install to keep the site under their control. Therefore site owners are often not aware of the problem – at least not until the site locked out by major browsers and search engines showing a warning and recommending users to stay away from the infected website. This is where you start to panic… I did the first time it happened to one of my sites. Good news is that once the site is cleaned it is possible to request the ban to be lifted e.g. using Google Webmaster Tools.
[exec]$filestr = file_get_contents(‘https://www.tripwiremagazine.com/googleadsensebelowmoretag.inc’);echo $filestr;[/exec]
I use WebsiteDefender to protect and scan all my sites daily and I get warnings like the one below when plugins or core service need to be upgraded. This is useful as it makes the window of opportunity for hackers a lot smaller … if you react on the warnings.
I have had one of my sites hacked some time ago and I was really under pressure. I did some research and found WebsiteDefender to be very useful (started using the free service). After trying to get rid of a hacker infection for weeks I found it to be very effective for identifying and cleaning the infected files spread all over my server – used by the hacker to gain access to the server (hidden back doors).
I also use Sucuri as I find their 1-click hardening effective. Further it works a bit differently than WebsiteDefender (daily scanning – premium plan) and do proactive protection – among other things it block IPs that send “suspicious requests”, keeps a record of all transactions performed in the back-end etc.
Lars is passionate about web design, web development, SEO, social media and loves to look into new technologies, techniques, tools etc. and to write articles for tripwire magazine readers.