We will explain how to restore (decode) a malware file that has infected WordPress.
Tag: WordPress security Page 3/13
If you have unused or abandoned WordPress sites on your server, we recommend that you delete them. We will explain the reasons for this and how to delete an abandoned site.
This section explains what to do if you do not know the location of infected malware or if you cannot find it.
There are two types of malware infecting WordPress, one made of javascript and the other made of php.
We will explain how to find backdoors in a hacked and defaced WordPress site.
Malware that infects WordPress is quite different from ordinary computer viruses. Here is an explanation of what makes them different.
Here is what to do if your WordPress site is being warned by Search Console of a large number of noindexes on non-existent WordPress search results pages.
This section explains how WordPress customer information can be leaked if WordPress is hacked.
We will explain how an infection (tampering) with the WordPress database can cause the files on the site (server) to be tampered with.
Hackers target vulnerabilities in WordPress to gain various unauthorized access. The most common of these attacks is against admin-ajax.php.
WordPress outputs user login IDs and ID numbers in JSON. Although this is a specification, it may make your site more vulnerable to hackers for security reasons.
User 123@abc.com, which you don’t remember creating in WordPress, is an admin user that hackers add illegally.
New SEO hack to register Chinese and product name wordpress search results in Google search results.
We have identified a new method of SEO hack that registers WordPress search results in Chinese and product names in Google search results, and we will explain how to deal with it.
Here’s what to do when spam comments don’t stop spamming URLs and links in WordPress.
You can improve security by preventing the execution of PHP programs in the upload folder of WordPress uploaded images and other folders that contain only static files outside of WordPress.
This section describes the defacing of a WordPress site by adding an unauthorized user.
A case of a fake WordPress vulnerability patch being distributed has been uncovered. This fake security patch is malware, and there are currently reported cases of emails to WordPress administrators containing links to this malware.
More than 90% of WordPress malware has obfuscated PHP programs. This article describes the obfuscation process.