This article is a Comprehensive Malware/plugins guide to WordPress site owners. Learn about WordPress sites vulnerabilities so you can avoid getting malware on your site, the most effective Malware plugins to solve the problems, and techniques to keep your website safe. The plugins I list here are trustworthy. They are all on wordpress.org/plugins.
Problem 1 - File upload vulnerability
Every site that requires uploads from visitors has an upload plugin. It is what allows visitors to complete a contact form or write comments, or reviews on your site. If you run a headhunting company that needs applicants to upload CV files, or you are a real estate agent that needs pictures from the property owners you are also open to file upload vulnerability. When a plugin has a vulnerability, hackers can upload malicious files to your website. Once they upload the files the scripts can start executing malicious activities. Stealing sensitive data is a good example. If nothing stops the hackers they can take control of your site.
Problem 2 - SoakSoak or Local File Inclusion (LFI) vulnerability
This attack uses XSS payloads through a CSS attack. Hackers can see the files of the local server on a website with the help of the bug. It allows remote arbitrary file downloads and arbitrary file uploads. It exploits application functionalities to include dynamic files. The dynamic file content changes based on factors specific to the site user, taking into account time or location i.e. A dynamic webpage does not look the same for everybody, changing as users interact with it. Everything together means an attacker could access, review, and download/upload a local file on the server.
Problem 3 - The wp-feed.php
It is one of the most cleverly disguised hacks. The infection’s goal is stealing your visitors. It is very serious to the owner because it displays ads for illegal products, drugs, and adult content to the visitors. The hackers make money by duping your visitors into buying fake services or products. The worst part it is hard to realize there is a wp-feed.php infection in a WordPress website. Realizing the infection exists is difficult because the malware records visitors to make sure ads only appear to new visitors. The owner will never know such a thing is going on because they visit the site frequently. Hackers implant two files (wp-feed.php & wp-tmp.php) into your wp-includes folder. The hack works by opening backdoors. Once the doors exist, the ads start to pop up. The most common form of infection is nulled themes or plugins. Because they offer premium features free of cost many site owners fall into the trap.
Problem 4 - Poor WordPress login security vulnerability
The login page is a popular hacker target. Hackers design bots to try out hundreds of usernames and passwords within the span of a few minutes. It is a brute force login attack. After hundreds of login attempts, your site will take a toll on your server. Because loading the WordPress login page pre-loads the entire website your site may crash due to a system overload and throw a 503 error. Even if the worse does not occur, it will slow down your site for sure.
Problem 5 - Poor Hosting Service vulnerability
Choosing obscure hosting companies or even using shared hosting services offered by popular providers is dangerous. It brings security issues, making your website vulnerable to a hack or a crash. Also, it might happen that one website experiences a hack, causing the other sites on the same server to suffer consequences.
Problem 6 - Untrustworthy Admin
Many owners allow administrator roles to people who can not be trusted. The admin role gives access to everything on the site. Bank accounts, customer lists, customer data; you name it, the Admins will have access to do whatever they desire.
Techniques to keep your website safe
- Set strong passwords and unique usernames
- Set up a firewall
- Maintain your software up to date
- Install plugins against WordPress malware
- You can find many more techniques in the article WordPress Best Practices: Tips & Tricks from the Pros
Here follows a list of Plugins against WordPress Malware.
They are reliable and found on wordpress.org/plugins.
This plugin offers a wide range of security features. It works by scanning your website’s files every day and detecting malware. Once a hack happens it will alert you immediately. The plugin removes malware with one click from the back end in a few seconds. It also protects your website through a WordPress firewall. A firewall stops hackers from accessing your website even if there is a vulnerability. This plugin enables you to manage and update many websites from a centralized dashboard. Click on the link for more information.
This plugin scans every file on your site and compares it with the WordPress repository to check your website integrity. Then it overwrites these changes and deletes any malicious files. It also checks for many different types of security vulnerabilities, scans file contents, posts, and comments for dangerous URLs and suspicious content. Wordfence helps with login security by blocking admins from using known compromised passwords. The plugin has 4+ active installations, receives constant updates with the latest security protective mechanisms. You can check the details by clicking this link.
It defends WordPress against hacker attacks, spam, trojans, and malware. The Cerber Security Plugin allows you to schedule automated scans of your site. They search every folder and file for traces of attacks. It also provides the functionality to delete malware and recover modified and infected WordPress files. The plugin monitors logins made by login forms, XML-RPC requests, or auth cookies. It has an anti-spam engine to protect contact and registration forms. You can check for more information by clicking on this link.
Defender security offers malware scans and security hardening to protect your website. Their scan tool compares your WordPress core files with the master copy in the official WordPress directory. If it detects changes, it will provide a changes report. It also helps you restore the original file with a click. You can check more info here.