We will explain how to investigate unauthorized access to admin-ajax.php in WordPress
Category: WordPress Security Page 2/14
What to do if a wordpress site has an include statement in index.php that loads and executes malware
Here is what to do if your wordpress site has an include statement in index.php that loads and executes malware.
Here are five minimum security precautions to take when managing a WordPress site. In our experience, this will prevent more than 90% of hacking attempts.
Here is what to do if you are unable to download a WordPress plugin.
We will analyze the malware hidden in the process of automatically rewriting index.php and htaccess files and explain how it works.
Vulnerability testing of WordPress plugins should be performed on a regular basis. We will explain the reasons for this.
Many of today’s malware spread infection to all folders beyond the domain folders in the server. In this article, we will discuss the infection of initial subdomain folders on unused servers, which is often overlooked.
This section describes a brute force attack that tries and breaks through WordPress users’ passwords by brute force and how to deal with it.
We would like to talk about whether hacking (tampering) with a WordPress site can lead to a case for damages for users who access the site, based on our experience.
This section describes malware that uses a text copy and paste service in WordPress.
Around 30% of the WordPress sites we receive these days have rogue WordPress users, and the hacking technique of creating rogue users on WordPress is spreading.
We will explain a new type of malware that is spreading these days: fake updates.
When a site is hacked and defaced, some webmasters generally assume that hackers have targeted your site and infiltrated it with advanced technology, but this is not the case with WordPress. This is not the case with WordPress.
There is a type of WordPress malware that registers fraudulent e-commerce site pages in Google search results without permission. We will explain whether (and when) such malicious search results disappear after the malware is removed.
We will explain the precautions to take when multiple WordPress sites across the server have been infected (tampered with) by malware.
We have discovered a case of malware (redirect code) being written to the WPCode – Insert Headers and Footers plugin in WordPress.
This section describes a web shell that can be installed via a vulnerability in WordPress.
Here are some ways to test for vulnerabilities in the WordPress mainframe and plugins.
