What is the Malware Scan & Security Plug-in Real-time Block function?
WordPress Doctor researches and databases what kind of attacks hackers are launching against WordPress on a daily basis.
For example, as of May 2021, the following attacks are the most common attacks that WordPress Doctor has statistics on.
Attack file admin-ajax.php → Action duplicator_download
This attack attempts to take advantage of a vulnerability in the old duplicator plugin that allows arbitrary files to be downloaded, such as wp-config.php, and hackers attempt to download them to gain access to the database.
Attack file IOptimizes.php
This file will be a backdoor file that has already been tampered with by WordPress and embedded by hackers. Any work that is possible on the server can be done from the outside. If another hacker has successfully infiltrated and embedded this backdoor, it may be available to other hackers as well.
Attack file admin-ajax.php → Action uploadFontIcon
This attack also exploits a vulnerability in the old WordPress WPBakery and Kaswara plugins, which allows arbitrary files to be uploaded to the server.
Hackers can embed malicious programs (backdoors) into your site.
Malware Scan & Security Plug-ins Real-time blocking feature blocks hacker attacks before they are completed
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal] ‘s paid feature allows you to get these hackers’ attack patterns daily and block them before they complete.
Hackers’ attack patterns change daily as they discover vulnerabilities. Undisclosed vulnerabilities (called zero-day attacks) are also exploited, although rarely.
(Many attacks are relatively easy to exploit, often against publicly disclosed vulnerabilities. This is because many hackers do not have superior technology.)
WordPress Doctor updates and distributes this attack pattern daily and allows plugins to defend against it.
*We ask for your understanding that the real-time blocking feature may interfere with the use of some functions of some plugins.
*When a hacker attack is blocked in real-time, it is recorded as a log.