Malware infection is not only a WordPress problem, but is common to all CMS. (WordPress stands out because of its overwhelming popularity, but…) There are an increasing number of cases where old Movable Type is left unattended on a server and malware infection spreads to WordPress sites from there.
Malware infection from old Movable Type
Movable Type is the second most popular CMS after WordPress, but like WordPress, dangerous vulnerabilities have been reported.
There have been many cases of sites that were originally created using Movable Type, migrated to WordPress, and then left the pre-Movable Type on the server, where the vulnerability in Movable Type led to malware infection in WordPress.
To avoid such a situation, we recommend that you delete the entire Movable Type program data from the server as soon as possible if you have an old Movable Type that is not in use.
(Backups will be taken as necessary before deletion).
Avoid leaving unnecessary programs on the server as much as possible, as this will help improve security.
Many WordPress sites are hacked and defaced or malware (backdoors) are installed due to program vulnerabilities.
Hackers use random tools to check multiple sites for vulnerabilities and attempt to hack into them if they are present.
For this reason, it is important to avoid leaving unnecessary programs on the server to improve security.
We recommend that you check to see if any of the following programs are left on your server
1.Unused themes or plug-ins
2.Unused WordPress sites
3.Unused MovableType
4.PHPMYADMIN, which is used only rarely
If you have any of these programs on your server, we recommend that you remove them from your server as soon as possible.
Even if you are using them, we recommend that you implement basic security measures by installing plug-ins, etc.
Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal]
If one site is hacked, the malware infection can spread to other sites (domain folders) that share the root folder, especially if there are multiple sites on the server.
If multiple domain sites are installed on a server, it is recommended that all of them be secured to ensure safe site operation.
Even if you don’t have to take difficult security measures, just basic security measures can greatly increase the security of your WordPress site, as hackers mainly use the most widespread, shallow, and easiest hacking techniques.