We all like to use WordPress, and Joomla enjoys similar popularity. The statistics confirm it: currently, at least one out of every four sites runs on the free WordPress platform. The popularity of this CMS should come as no surprise: it is convenient to use, costs nothing and has a multitude of plugins and add-ons. However, it’s easy to forget the dark side of success. When something becomes this popular, someone is likely to try to exploit it with bad intentions. The security issue is mainly related to installing plugins of unknown origin.
Be careful with free plugins
The radical advice is: don’t download free WordPress add-ons from sources you are not sure of. Many of them carry viruses or trojans in their code that activate as soon as the installation process is completed. Moments later, you can expect a whole series of hacks. At best, the site will pick up a few trojans. At worst, someone will take advantage of a “gateway” into the site and delete all its content. We wrote about a sizable affair with infected plugins back in 2014.
Protecting Smarthost servers from infected plugins
We have supplemented Smarthost servers with a script that searches for suspicious passages in the code of plugins and add-ons. It has a database of about 3000 exploits for Joomla/WordPress. It works by detecting attempts at unauthorized changes to the site.
The monitoring covers intrusions through, among other things, holes in libraries provided by spam sites that are used to send emails. The script detects the upload of a virus-ridden file, preventing an attack that uses, for example, a stolen password for popular file managers. Even when the upload is made with valid access credentials, the suspicious file is flagged as a security breach.
When an infected piece of code is detected, the file is moved to quarantine. Our administrators receive information about the incident and forward the message to the site owner. This helps to stop further actions by exploiters, which can prove to be very troublesome.
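The scan, quarantine and report flow described above can be sketched as follows. This is an added example, not Smarthost's script: the two signatures, the function names and the sample plugin tree are constructed for illustration, and a real signature database would be far larger.

```python
import re
import shutil
import tempfile
from pathlib import Path

# Constructed signatures (assumption): two obfuscation patterns typical of
# injected PHP. Not the provider's database, which the page puts at ~3000 entries.
SIGNATURES = {
    "eval-of-decoded-payload": re.compile(
        rb"eval\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I),
    "exec-of-request-input": re.compile(
        rb"(eval|assert|system|passthru)\s*\(\s*\$_(GET|POST|REQUEST|COOKIE)", re.I),
}
SCANNED_SUFFIXES = {".php", ".phtml", ".inc"}

def scan_file(path):
    """Return the names of all signatures that match the file's bytes."""
    data = path.read_bytes()
    return [name for name, rx in SIGNATURES.items() if rx.search(data)]

def scan_and_quarantine(plugin_root, quarantine_dir):
    """Scan a plugin tree, move flagged files to quarantine, return incidents."""
    plugin_root, quarantine_dir = Path(plugin_root), Path(quarantine_dir)
    quarantine_dir.mkdir(parents=True, exist_ok=True)
    incidents = []
    for path in sorted(plugin_root.rglob("*")):  # sorted() snapshots the tree
        if path.is_symlink() or not path.is_file():
            continue
        if path.suffix.lower() not in SCANNED_SUFFIXES:
            continue
        hits = scan_file(path)
        if not hits:
            continue
        rel = path.relative_to(plugin_root).as_posix()
        # Flatten the relative path so quarantined names cannot collide, and
        # change the extension so the file is no longer executable as PHP.
        dest = quarantine_dir / (rel.replace("/", "__") + ".quarantined")
        shutil.move(str(path), str(dest))
        dest.chmod(0o400)
        incidents.append({"file": rel, "signatures": hits, "moved_to": str(dest)})
    return incidents  # the report that would go to the administrators

def demo():
    """Constructed plugin tree: one clean file, one matching a signature."""
    root = Path(tempfile.mkdtemp())
    plugin = root / "plugins" / "example-slider"
    plugin.mkdir(parents=True)
    (plugin / "slider.php").write_text("<?php echo 'hello';")
    (plugin / "cache.php").write_text(
        "<?php eval(base64_decode('Y29uc3RydWN0ZWQ='));")
    return scan_and_quarantine(root / "plugins", root / "quarantine"), plugin
```

Matching on file content rather than on who uploaded it is what lets a file written with valid but stolen credentials still be flagged.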
At Smarthost, we have chosen to address plugin security concerns. We regularly update our servers with commercial solutions to take care of our clients' data security. We get ahead of hackers before they start hacking your site 😉.