Our client asked us if we could prevent the attacks themselves, since hackers have not stopped attacking them. Here is an explanation.
Detecting attacks on WordPress
The [Free] WordPress: Malware Scan & Security Plugin [Malware and Virus Detection and Removal] allows you to detect what kinds of attacks are being made on your WordPress site and saves them as a log that you can view for a certain period of time.
The log below shows an attack that attempts to download wp-config.php by sending the vulnerable duplicator_download instruction to admin-ajax.
You can also view the logs of a brute force attack (an attack that tries to break a password by repeatedly attempting to log in) that was blocked by the plugin.
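The same two kinds of events can be picked out of an ordinary web server access log. The following Python is an added example, not part of the original article or the plugin's code; it assumes the "combined" log format, and the sample lines, the `file` parameter in them, and the login threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:04:11:02 +0000] "GET /wp-admin/admin-ajax.php?action=duplicator_download&file=wp-config.php HTTP/1.1" 404 153 "-" "-"
192.0.2.10 - - [10/Mar/2024:04:12:40 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 58 "-" "-"
192.0.2.10 - - [10/Mar/2024:04:12:41 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
198.51.100.9 - - [10/Mar/2024:04:13:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4120 "-" "-"
198.51.100.9 - - [10/Mar/2024:04:13:02 +0000] "POST /wp-login.php HTTP/1.1" 200 4120 "-" "-"
198.51.100.9 - - [10/Mar/2024:04:13:03 +0000] "POST /wp-login.php HTTP/1.1" 200 4120 "-" "-"
198.51.100.9 - - [10/Mar/2024:04:13:04 +0000] "POST /wp-login.php HTTP/1.1" 200 4120 "-" "-"
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)')

def scan(log_text, login_threshold=3):
    """Return (config_probes, brute_force_ips) found in an access log."""
    probes, logins = [], Counter()
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that are not in combined format
        ip, method, target, status, _size = m.groups()
        url = urlsplit(target)
        params = parse_qs(url.query)  # parse_qs also percent-decodes the values
        if (url.path.endswith("/admin-ajax.php")
                and "duplicator_download" in params.get("action", [])):
            # Flag the request if any parameter value names wp-config.php.
            if any("wp-config.php" in v for vals in params.values() for v in vals):
                # Heuristic: only a 200 response could have returned the file,
                # so other statuses are attempts that were seen but served nothing.
                probes.append({"ip": ip, "status": int(status),
                               "needs_review": status == "200"})
        elif method == "POST" and url.path.endswith("/wp-login.php"):
            logins[ip] += 1  # every login attempt is one POST
    brute = sorted(ip for ip, n in logins.items() if n >= login_threshold)
    return probes, brute

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The `needs_review` flag reflects the point made in the next section: a logged attempt with a failing status is evidence of an attack, not of a compromise.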
Detecting an attack does not necessarily mean the attack was successful.
Detecting such an attack does not by itself mean that the WordPress site has been hacked (tampered with), because if the vulnerability is not present on the site, the attack will not succeed.
Why would a hacker repeat an attack on a WordPress site without success?
Such attacks are actually made against any site; the aforementioned plugin simply detects them and makes them visible.
Many hackers use tools that automatically attack one WordPress vulnerability after another from a huge list of WordPress sites.
For this reason, even if an attack is not successful, they will try it anyway to see if it succeeds, and if it does not, they will quickly move on to the next site.
Can the attack itself be prevented?
It is difficult to distinguish these hacker attacks from general site access. In addition, vulnerabilities are discovered daily, so the requests that hackers send to take advantage of them can change in a short period of time, which makes it difficult to reduce the attacks to a fixed pattern.
This makes it impossible to build a defensive barrier based on attack patterns that would remain effective over time.
Unfortunately, it is difficult to completely prevent hacker attacks themselves.
However, if you use the aforementioned plug-in functionality, it is possible to determine in real time whether there are vulnerabilities that are frequently attacked and whether malware is mixed in with the hacker’s attacks, and to block them to some extent.
The key to WordPress security measures is to prevent attacks from succeeding.
Attacks on WordPress sites, no matter how small, are repeated on a daily basis, mixed in with general access.
And, as mentioned above, it is difficult to isolate these attacks and block them all in the pre-attack phase.
For this reason, the basic security measure for a WordPress site is to prevent attacks from being successful.
Since there are hundreds of millions of WordPress sites, hackers are only interested in those that are easiest to penetrate. Therefore, even simple security measures can greatly reduce the chance of being hacked.