Our client asked us if we could prevent the attacks themselves, since hackers have not stopped attacking them. Here is an explanation.

Detecting attacks on WordPress

Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].

allows you to detect what kind of attacks are being made on your WordPress site and save them as a log for a certain period of time for viewing.

The log below shows an attack that attempts to download wp-config.php by sending the vulnerable duplicator_download instruction to admin-ajax.

You can also view the logs of a brute force attack (an attack that repeatedly breaks passwords by brute-force login) that was blocked by the plugin.

Detecting an attack does not necessarily mean the attack was successful.

By far, detecting such an attack does not mean that the WordPress site has been hacked (tampered with), because if the vulnerability is not on the site, the attack will not be successful.

Why would a hacker repeat an attack on a WordPress site without success?

Such attacks are actually done to any site, but they are detected and visualized by the aforementioned plug-ins.

Many hackers use tools that automatically attack one WordPress vulnerability after another from a huge list of WordPress sites.

For this reason, even if an attack is not successful, they will try it anyway to see if it succeeds, and if it does not, they will quickly move on to the next site.

Can the attack itself be prevented?

It is difficult to distinguish these hacker attacks from general site access, and since vulnerabilities are discovered daily, the processing instructions sent by hackers who try to take advantage of these vulnerabilities can change in a short period of time, making it difficult to formulate a formula for the attack.

This makes it impossible to create a defensive barrier that would allow hackers to pattern their attacks in such a way that they would be effective over time.
Unfortunately, it is difficult to completely prevent hacker attacks themselves.

However, if you use the aforementioned plug-in functionality, it is possible to determine in real time whether there are vulnerabilities that are frequently attacked and whether malware is mixed in with the hacker’s attacks, and to block them to some extent.

The key to WordPress security measures is to prevent attacks from succeeding.

Attacks on WordPress sites, no matter how small, are repeated on a daily basis, mixed in with general access.
And, as mentioned above, it is difficult to isolate these attacks and block them all in the pre-attack phase.

For this reason, the basic security measure for a WordPress site is to prevent attacks from being successful.

Since there are hundreds of millions of WordPress sites, hackers are only interested in those that are easiest to penetrate. Therefore, even simple security measures can greatly reduce the chance of being hacked.

Reference
5 Free WordPress Security Measures

Related Posts:

  1. What is a WordPress injection attack?
    There are various methods by which WordPress can be hacked, the most common of which is called an injection attack. This section describes these injection attacks....
  2. What is a 0Day attack that exploits a WordPress vulnerability?
    About 60% of WordPress tampering damage is caused by vulnerabilities in the old WordPress itself and plugins. Some of these are 0-day attacks. This is explained here....
  3. Log-in-related security measures alone are not enough to prevent WordPress hacking
    We understand that many sites have installed various security plug-ins to prevent WordPress hacking, but some plug-ins are specialized for the login screen only. These plug-ins do not provide much protection against WordPress hacking. We will explain why....
  4. When WordPress is hacked, do you know the cause, date and time of the hack?
    One of the rare questions we receive when WordPress Doctor recovers from malware or tampering on behalf of our clients is that they want to know the cause and date of the problem. Here is an explanation of how we can find out....
  5. 5 characteristics of sites that are subject to WordPress hacking, hijacking, or defacement.
    At WordPress Doctor, we perform malware removal and security measures on behalf of more than several hundred sites per year. Based on this experience, we would like to share with you the characteristics of sites that have been hacked, hijacked, or defaced....
  6. Can converting a WordPress site to SSL (HTTPS) prevent hacking?
    We will explain whether or not hacking (tampering and malware infection) can be prevented if you convert your WordPress site to SSL (HTTPS)....