When a site is hacked and defaced, some webmasters generally assume that hackers have targeted your site and infiltrated it with advanced technology, but this is not the case with WordPress. This is not the case with WordPress.

Hacking of a WordPress site is not a targeted attack on your site!

Some webmasters think that if their site has been defaced by a hacking attack, hackers spent hours or days on their site to find vulnerabilities, etc., and that they used advanced technology to get into the site. However, in almost all cases, WordPress has not been hacked in such a way.

WordPress sites are used by 30% of the world’s sites, and there are hundreds of millions of sites. Hackers attack sites using a mass-attack methodology, finding the easiest site to hack from this list of hundreds of millions of sites and then breaking in.

If the hacker cannot break into a site easily, he or she will immediately give up and try another site. (This is because there are many other sites that can be penetrated more easily.)

Hackers do not use advanced techniques to break into sites, but prefer to attack vulnerabilities in plugins and themes that are the easiest to exploit and most likely to be present in many sites.

The programs that make up WordPress sites are open source and vulnerabilities have already been investigated by thousands of technicians, and the vulnerabilities that are found are publicly available!

Hackers use search engines to obtain a list of WordPress sites, and then attack them by hitting vulner abilities in plug-ins and themes that are installed on many sites, one after another, using tools to hit vulnerabilities at random, even if the attacks don’t work. We will attack your site.

WordPress vulnerabilities are publicized on websites such as NIST to alert users of vulnerabilities in various programs, and hackers often use this information to build hacking tools.

Therefore, if you are using a patched WordPress, theme, or plugin, hackers will not be able to successfully exploit the vulnerabilities.

It is nearly impossible to find undiscovered vulnerabilities in individual programs, and even if you do find them, it is unlikely that the hacker used the vulnerability to attack the site, so there is little point.

It is difficult to determine the date and reason for a successful hack.

As mentioned above, WordPress hackers attack a large number of sites by hitting vulnerabilities at random, so only traces of a large number of attacks (including those that are difficult to separate from general access logs) will remain.

Many servers only keep simple access logs, and almost all servers do not keep data on what kind of data the hacker sent by POST or other means.
And even if such access logs were taken, it is extremely difficult to identify successful attacks among the enormous number of attack traces. (It is necessary to reproduce each attack method one by one to determine whether it is successful or not. Even if we were able to identify a vulnerability that could be successfully exploited, it would also be difficult to determine whether the hacker subsequently exploited that vulnerability.)

Hackers may also take advantage of backdoors set up by other hackers. In cases where multiple hackers are defacing a site, the defacement will not stop until the backdoor is removed from the server.

For this reason, the idea of pinpointing when and how a WordPress site was breached and then implementing security measures to block it is not a realistic approach to WordPress security measures.

WordPress Security Measures

WordPress security measures need to take into account the particularities of the WordPress attack method.
For the time being, the following measures are the most effective and efficient

Remove malware (backdoors) from the server

Please use our plugin for malware scanning and removal if you like!
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].



It is also important that you do not leave any known vulnerable programs (WordPress itself, themes, plugins) on your server.
(*Themes and plugins can be accessed directly via the Internet even if they are deactivated, so leaving deactivated themes and plugins on the server is also dangerous.)

It is also said that 60% of successful hacking is due to vulnerability attacks on theme and plugin programs, and 20% is due to weak passwords for administrator privileges, which can be broken by brute force attacks. For this reason, it is also important to ensure that the passwords of users with administrative privileges are strong.

Reference
5 Free WordPress Security Measures

We hope this was helpful.

Related Posts:

  1. Log-in-related security measures alone are not enough to prevent WordPress hacking
    We understand that many sites have installed various security plug-ins to prevent WordPress hacking, but some plug-ins are specialized for the login screen only. These plug-ins do not provide much protection against WordPress hacking. We will explain why....
  2. How Hackers Discover Your WordPress Site Dork
    It is dangerous to run a WordPress site and think that it will not be targeted because of low traffic. We will explain why low traffic does not necessarily mean that your site will not be hacked....
  3. How to check individual WordPress themes and plugins for vulnerabilities
    Here are some ways to check for vulnerabilities in WordPress themes and plugins....
  4. Spread of malware infection to WordPress sites due to neglect of old Movable Type
    Malware infection is not only a WordPress problem, but is common to all CMS. (WordPress stands out because of its overwhelming popularity, but…) There are an increasing number of cases where old Movable Type is left unattended on a server and malware infection spreads to WordPress sites from there....
  5. 5 operations that are at high risk of WordPress sites being hacked and tampered with.
    We will explain the five most dangerous ways to operate a WordPress site that can lead to it being hacked, defaced, sent to another site, or in the form of embedded malware. We hope that you will use this information as a lesson to the contrary....
  6. When WordPress is hacked, do you know the cause, date and time of the hack?
    One of the rare questions we receive when WordPress Doctor recovers from malware or tampering on behalf of our clients is that they want to know the cause and date of the problem. Here is an explanation of how we can find out....