Reason of wordpress hacking

Why wordpress site being hacked

Why many of wordpress site being hacked every day?

WordPress hacking nowadays is a common thing. Every day thousands of wordpress site being hacked due to lack of security implementation, usage of the vulnerable plugins, Server side whole, and for many other reasons. I have seen many of wordpress site hack for symlink problem with server and premium plugin downloaded from null themes sites. For observation, once I downloaded a plugin named Wp-Rocket from the https://null-24.com/ and I saw malicious code was injected into the plugin. The code was like below.

It was base64 encoded. So who has no programming knowledge he/she will not understand it and the file name was config.php, so that people will think it is the configuration file for the plugin. But how much dangerous it was you will understand after decoding it. I used a site to decode the encoded codes, the site URL is https://www.base64decode.org/. You can use many other tools or programs or sites by searching on google. So, let’s see what is shows after decoding.

Server destroying php script

So this was a hidden form with the plugin. Also there was many other files. So after the installation of plugin, the hacker will get an email automatic with user name and password hash from the database. Also they will get the installation site URL. Only the installation site URL is enough to hack the site by using the above code.

So, here I am giving a list of possible hacking reasons of the wordpress site.

Possible hacking reasons of the wordpress site

#1. Using vulnerable licenced premium plugin without code security test from an unauthorized source like null-24.com.

#2. Backdated wordpress version ( using exploits ).

#3. Vulnerable theme ( Like without proper input escape and sanitization ), generally developed by new coders and non-conscious developers.

#4. Easy password for login to the dashboard.

#5. Lack of proper file permission of server.

#6. Vulnerable server.

#7. Sysmlink problem with the server.

#8. Any configuration file upload to server, search as .git configuration files if the .git repo is public, or any text file stored credentials.

#9. If you save your login password in browser and your computer browser compromised.

#10. If you use any compromised pc and login to your account using that PC.

#11. If you use any password manager and then if it compromised.

 

If you want to know how to protect your wordpress site from being hacked then visit this URL below.

How to secure wordpress and ensure security to prevent wordpress from getting hacked?

 

%d bloggers like this: