Among the Content Management Systems (CMS) the WordPress is probably the most popular. Our statistics in the Annual Website Malware Report | 2016 show WordPress as leading CMS in 2016. Due to its popularity, it is also prone to vulnerabilities. In the same report it can be seen that 76% of our infected customers were using WordPress.
What Are The Main Components Of The WordPress Installation?
Each WordPress website has three main parts:
I. Core files - the default WordPress installation files.
These files should not be edited except for index.php, licence.txt and readme.html. If the other files are modified, there might be an outside intrusion.
A. Here are the installation files.
B. Configuration files.
wp-config.php - Database configuration and global settings.
.htaccess - Server configuration. Use to manage rules and redirection of site.
Additional codes and functionalities to manage WordPress. After you install the core code of the WordPress you will then typically look for the features and additional functionality to improve your website. There are plenty of free plugins that offer useful features to your website, however you should be very cautious about it. Hacker's entry usually takes place here.
Design or layout of the site. This is the common place where an attacker would add redirection codes.
WordPress Best Practices
Most of the hacker looks for vulnerabilities of plugins and themes aside from WordPress core file because it is easy to penetrate the site. To minimized the risk of attacks, here are our tips on how to harden your site.
- Regular backup. This is a must. Some infections can destroy your site instantly. If your site is hacked, you can easily revert it back from a clean backup.
- Keep your WordPress updated. WordPress actively update its code for security issues. Hackers are constantly looking for security holes to penetrate a site. Updating your WordPress core files regularly will fix this holes.
- Change WordPress Database prefix. WordPress uses default prefix of "wp_" for tables. The bad guys uses SQL injections or automated scripts to access your database.
- Use strong password and username. Attackers use brute force to enter your site. Avoid using common names such as "admin" or "administrator".
- Minimum of 12 characters.
- Must include Numbers, Symbols, Capital Letters, and Lower-Case Letter.
- Not a dictionary word or combined words.
- Use only well-known plugins and themes. Choose those plugins and themes that update regularly. This will assure you they are fixing the bugs.
Signs of Infection
- Alerts coming from your Web browser.
- Blacklisted score is high in the VirusTotal report.
- Google’s search console alerts from your site.
- Spam on your pages and post.
- Site traffic monitor suddenly spikes.
- Website redirection.
- Additional files inside wp-admin and wp-includes directory except default installation files.
- Additional folders in your site.
Is your website flagged for malware, blocked by the search engines or disabled by the host?
Our experts are here to clean up any malware from your sites and remove false-positives, blacklisting and other kinds of alerts by any security vendor and search engines. Just select from suitable ThreatSign! Anti-Malware Plan and get back online.
For other issues and help: Quttera's help-desk