We will explain how to prevent SQL injection to improve WordPress security.

What is SQL Injection?

WordPress text data, settings, and user login information are recorded in a database, software that can efficiently store and retrieve information.

SQL injection is the unauthorized retrieval or modification of data in this database by exploiting a gap (vulnerability) in the program. Most WordPress tampering (malware) infects files, but in rare cases a database-related vulnerability of this kind is present, and then SQL injection may be used.

Let’s look at an example of SQL injection.

$sql = "Select * from wp-user where id = '" . $_REQUEST['userid'] . "'";

This code selects the user in the database whose user id was sent over the network, but it is vulnerable to SQL injection.

For example, an attacker could send the following string from the outside as the value of the transmitted parameter named userid.

=1';Update wp-user set password cell = 'any password' where id ='1

This would execute two chained SQL statements, as shown below.

Select * from wp-user where id = '1';Update wp-user set password cell = 'any password' where id ='1'

The first statement is a pointless database selection; the second rewrites the administrator's password.
The problem is that the externally submitted data $_REQUEST['userid'] is not escaped or otherwise treated as a single value, so the database interprets it as part of the SQL statement.
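As an added example (not code from the original post), here is the vulnerable concatenation pattern beside a parameterized version. It runs with php-cli against a constructed in-memory SQLite table via PDO, so table and column names are this example's own rather than WordPress's; inside WordPress the equivalent is $wpdb->prepare().

```php
<?php
// Constructed test table so the example runs outside WordPress.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, password TEXT)");
$pdo->exec("INSERT INTO users VALUES (1, 'admin', 'original-hash')");

// The pattern from the post: untrusted input pasted straight into the SQL text,
// so quote characters in the input change the structure of the statement.
function vulnerable_sql(string $userid): string
{
    return "SELECT * FROM users WHERE id = '" . $userid . "'";
}

// Hardened form: the SQL text is fixed and the value is bound separately,
// so whatever the input contains, it is compared as one id value.
function safe_lookup(PDO $pdo, string $userid): ?array
{
    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = :id");
    $stmt->execute([':id' => $userid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed payload in the shape described in the post.
$payload = "1';UPDATE users SET password = 'attacker' WHERE id ='1";

// With concatenation, the resulting string contains two statements.
echo vulnerable_sql($payload), PHP_EOL;

// With binding, the whole payload is one (non-matching) id: no row is returned
// and the stored password is unchanged.
var_dump(safe_lookup($pdo, $payload));
$admin = safe_lookup($pdo, '1');
echo $admin['password'], PHP_EOL;

// WordPress equivalent (assumes the global $wpdb object available inside WordPress):
// $user = $wpdb->get_row(
//     $wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE ID = %d", $_REQUEST['userid'])
// );
```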

Since these vulnerabilities are usually fixed by plugin and theme updates, keeping plugins and themes up to date is an effective way to prevent attackers from exploiting your site.

Prevent SQL injection with HTACCESS settings

Simple SQL injection like this can be prevented to some extent with HTACCESS.
Add the following settings to HTACCESS:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} (;|"|=|').*(select|insert|union|declare|drop|update) [NC]
RewriteRule ^(.*)$ - [F,L]
</IfModule>

This rule inspects the query string of incoming requests for SQL keywords such as SELECT (a normally submitted value such as a userid should be a plain word and should never contain SQL) and blocks the request with a 403 before it reaches WordPress. Note that the condition only inspects the query string (GET parameters), and it will also reject a legitimate request whose query string happens to contain one of these words after a "=", so it is a supplementary measure rather than a substitute for fixing the vulnerable code.

This security setting can be easily configured from the WordPress administration screen using the [Free] WordPress: Malware Scan & Security Plug-in [Malware and Virus Detection and Removal], which can also check plug-ins for SQL injection vulnerabilities. Please take advantage of this service.