Here are some of the most common attack patterns recorded as hacking logs that we detect on a daily basis.
Access logs of hackers’ most common hacks as of January 2021
When hackers find a WordPress site on a search engine, they first check for vulnerabilities or backdoors that have already been embedded by other hackers or in themes, plugins, and other components of the site.
Here are some of the most common methods that have been detected recently.
1 /wp-content/plugins/temp.php /wp-content/uploads/2020/xx/content-post.php , doc.php
This is a log that is recorded when another hacker tries to take advantage of a backdoor that has already been embedded by the hack. If this file is present on your site, you may have been hacked and should inspect the contents in detail if the file is present.
2 /wp-content/plugins/media-library-assistant/includes/mla-file-downloader.php
The access logs of this hacker are located at \/. \ \… \/. \/wp-config.php is detected along with queries such as: attempting to download the wp-config.php configuration file using a vulnerability in the media-library-assistant plugin.
3 /wp-admin/admin-ajax.php action=revslider_show_image
Similar to the above, this also attempts to download the wp-config.php configuration file by exploiting a vulnerability in the Slider Revolution plugin.
4 /wp-admin/admin-ajax.php action=duplicator_download
Similar to the above, this also attempts to download the wp-config.php configuration file by exploiting a vulnerability in the Duplicator plugin.
It is said that every WordPress site is attacked on average 4 or 5 times a day!
No matter how small the site is, hackers will find the site via search engines, access the above files, and attack the site to see if they can break in. It is said that every site receives on average 4 or 5 attacks a day from hackers.
If a vulnerable file is on the site, hackers will tamper with the site and plant malicious programs on the site to misdirect the entire site to another site or to cause users to download viruses, calculate virtual currency, or do other unauthorized activities on the site. They will customize the site.
You can log and record the hack with the WordPress Doctor Malware Scanner
WordPress:Malware Scanner & Security Plugin [Malware and Virus Detection and Removal] can also be used to detect and log hacking with a unique algorithm.
If you want to use our security features or inspect your site for malware and tampering, please use our security plugin.