Hackers target vulnerabilities in WordPress to gain various kinds of unauthorized access. The most common of these attacks target admin-ajax.php.
Why do hackers target WordPress admin-ajax.php?
admin-ajax.php is a file that is built into WordPress from the beginning and is located in the wp-admin folder.
admin-ajax.php is a mechanism for WordPress itself, themes, and plugins to communicate behind the scenes, and is often used to update posts, save settings, and send emails, for example, without moving from one screen to another.
Such processing is registered as follows, and the processing itself is implemented in each theme and plugin.
add_action("wp_ajax_my_function", "my_function");

function my_function() {
    // The actual implementation of the processing is done in each plugin or theme
}
Hackers send requests to admin-ajax.php to target vulnerabilities in this implementation part of each plugin or theme.
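As an added example (not code from this page or from any real plugin), here is a handler registered this way that guards itself before doing any work. The plugin header, the `nonce` and `label` request fields, the `manage_options` capability choice and the `my_plugin_label` option are assumptions made for illustration.

```php
<?php
/**
 * Plugin Name: Example hardened AJAX handler (added example)
 */

// Hypothetical names: action "my_function", request fields "nonce" and
// "label", option "my_plugin_label". None come from a real plugin.

// wp_ajax_{action} fires only for logged-in users, but for ANY logged-in
// user (subscribers included), so the handler must check permissions itself.
add_action( 'wp_ajax_my_function', 'my_function' );

// Deliberately no wp_ajax_nopriv_my_function hook: registering it would
// expose the handler to visitors who are not logged in.

function my_function() {
    // 1. CSRF check: the page that sends the request must include a nonce
    //    created with wp_create_nonce( 'my_function' ) in the "nonce" field.
    //    With $die = false the function returns false instead of exiting.
    if ( ! check_ajax_referer( 'my_function', 'nonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid nonce' ), 403 );
    }

    // 2. Authorization: being logged in is not enough for a settings change.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    // 3. Input handling: require the field, reject arrays, strip the slashes
    //    WordPress adds to request data, then sanitize.
    if ( ! isset( $_POST['label'] ) || ! is_string( $_POST['label'] ) ) {
        wp_send_json_error( array( 'message' => 'Missing label' ), 400 );
    }
    $label = sanitize_text_field( wp_unslash( $_POST['label'] ) );

    // 4. Write to a fixed option name; never take the option name from
    //    the request.
    update_option( 'my_plugin_label', $label );

    // wp_send_json_* functions send the response and end the request.
    wp_send_json_success( array( 'label' => $label ) );
}
```

When reviewing an installed plugin or theme, the same four points (nonce, capability, input handling, fixed write target) are what to look for in each function hooked to `wp_ajax_` or `wp_ajax_nopriv_`.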
*The attack on admin-ajax.php can be visualized with the [Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].
How to deal with attacks on admin-ajax.php
An attack on admin-ajax.php does not necessarily mean that the attack was successful.
Hackers use tools to try exploits for WordPress vulnerabilities against sites via admin-ajax.php indiscriminately, and then attack sites with whichever method succeeds.
However, if successful, the WordPress site may be tampered with and malware may be embedded.
Stopping and deleting admin-ajax.php is difficult.
It is difficult to completely stop admin-ajax.php from working in order to improve security because, as mentioned above, admin-ajax.php is a very commonly used mechanism, and stopping it can have a significant negative impact on the operation of the site.
Therefore, it is important to eliminate the possibility of vulnerabilities being exploited through admin-ajax.php, i.e., not to leave the site vulnerable.
For this purpose, the following measures are taken.
Regularly inspect the site for vulnerabilities.
Avoid installing unnecessary plug-ins and themes.
Do not use plug-ins or themes that have been out of date for a long period of time; replace them with ones that are updated as often as possible.
Keep WordPress, plugins, and themes up-to-date and free of vulnerabilities (regular updates).