WordPress powered websites are hit list on the crackers, they are using Maleware (a malicious software) for attacking your WordPress site. There are different form of Malware, like viruses, Trojan horse, spyware, hijackers, crimeware, adware, dialers, keyloggers, worms, rootkits and similar programs. Detail about different types of Malware have explained by James D. Nardell on “Different Types Malware”. Latest news about Types of Malware and all other security threats can be found at Panda Security website which provide and present Collective Intelligence Monitor about all threats, as they said ” The best way to defeat your enemy is to understand him.” I have written step by step guide on How to Identifying removing and preventing malware WordPress site when one of my friend blog xponent4 was effected and I cleaned it up. Now its running okay without Malware but still on threat because of shared hosting on Servage, although they provide the good support but I recommend the best hosting like HostGator.
If your site is infected, I cab help and assist you with removing Malware from your server and can clean up your WordPress site (Request at WPArena’s Facebook page and like it ). Even we can do basic penetration test free of cost to tell you about Vulnerabilities in your WordPress powered Website.
Identifying Malware on WordPress Powered Website
There are different ways that can help you to identify Malware on your website. If you see any issue with Malware on your site, first of all change your FTP, Admin, and database password and than try to use some online tools like Sucuri, Stop Badware and antiphishing to know more about latest threats and Malware.
Google Safe Browsing Diagnostics tool can help you to check vulnerabilities in your site and provide you the next step about protecting your site, detail you can read on How to Identifying removing and preventing malware WordPress site.
Next you can use WordPress plugins to check about Malwares on your website, but before using these plugins do following steps to make it more secure. Update all your installed Plugins, Test all Links on your site to make sure that your site not linking to site which contain Malware. All these checking you should don on Virtual Machine, so your actually Machine not be infected during any test. If you are not sure how to do that ask on WPArena’s Facebook page or you can request in Comment to do it for you.
Timthumb Vulnerability Scanner
Timthumb Vulnerability Scanner is an excellent tool to check any Vulnerability in your site. The recent Timthumb.php vulnerability (discussed here) has left scores of unsuspecting bloggers hacked. It’s the perfect combination of not so easy to fix for the technically disinclined, and easy to find and exploit for the malicious – resulting in a disastrous number of compromised sites.
Regina Smola from wpsecuritylock, has explained about this Plugin and Timthumb Vulnerability Scanner plugin will scan your entire wp-content directory for instances of any outdated and insecure version of the timthumb script, and give you the option to automatically upgrade them with a single click. Doing so will protect you from hackers looking to exploit this particular vulnerability.
As well Elegant Themes authors provide a security patch and updates in their themes which use image re-sizing script called Timthumb, so their themes are more secure now. WooThemes authors also update and mention the Security Flaw in their themes.
Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers. This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames. It does not remove anything. That is left to the user to do.
Removing Malware from WordPress website
Make a COMPLETE and CLOSE review of your ENTIRE content and replace suspect files with fresh ones from trusted sources. Always keep 3rd party Plugins and theme up to date to minimize the risk of security issues as good as possible. Regularly check your content so you might notice unauthorized modifications pretty soon yourself because when notes of this type get overhand we will charge an admin fee for our additional work.
After finding any suspicious and malware infected ads, links, Posts or piece of code in your file, image or in script, remove all of them. If you are sure that your site has been hacked, Follow the steps provided by Go Daddy to get back it online:
- Take the site offline to avoid putting site visitors and customers at risk.
- Remove all offending code. This is only effective long-term in conjunction prevention.
- Fix underlying security vulnerabilities to prevent future attacks.
- Check for and remove “back doors” left by the hacker. A back door allows the hacker future access even after you secure the site.
- Check for and install updates, and research the software you are using to find out if other users have been affected.
Protect Website from Malware
Finally all you have to protect your site for further attack and the best tool is the prevention. Try to keep upto date all your Plugins, Theme and Core WordPress and use scanners that can detect vulnerabilities. Before putting any ad or link on your site make sure its not distributing any Malware and monitor them regularly. As well make sure user generated contents are no containing exploit links to Malware and they are clean for visitors without any suspicious link and executable files.
For maximum security please ensure your account password is secure (at least 6 mixed numbers and letters) and that it is changed regularly. Ensure that permissions for your folders are set to 755 and for files it is set as 644. Also check that no folders have insecure permissions such as 777.
For a password to be strong, it should:
- Be at least seven characters long. Because of the way passwords are encrypted, the most secure passwords are 6-12characters long.
- Have at least one symbol character in the second through sixth positions.
- Be significantly different from prior passwords.
- Not contain your name or user name.
- Not be a common word or name.
If you have any issue with your WordPress powered Website ask us on WPArena’s Facebook page.