Website Security Tips – Common WordPress Malware Infections

WordPress is an increasingly popular option for building a website due to its excellent capabilities and user-friendly format. However, with popularity comes the susceptibility to malware infections, and WordPress is no exception. Malware is a piece of software or code created to damage a system to gain unauthorized access to it. Depending on its type, WordPress malware can do anything from adding unknown text to your website to completely dismantling your website. It’s hard to imagine the feeling of panic when you find out that your website is infected, followed by not knowing how you’re going to remove it. While it’s definitely frustrating, it’s not the end of the road for your website.  In this post, we’re going to outline some of the more common website security vulnerabilities along with steps you can take to protect your WordPress site.


Most Common Malware Infections on WordPress

If a hacker can find a way into one of the hundreds of millions of WordPress websites, they will also scan for other websites that are running insecure setups of old or insecure versions of WordPress and hack those too.  WordPress actively has a team devoted to identifying and fixing WordPress security issues that may arise. These findings are immediately pushed out to patch any newly discovered WordPress concerns.  This is exactly why keeping your site updated with the latest version is incredibly important. Although there are thousands of malware infections out there, there are some that WordPress is the most vulnerable to.


website security

Just as the name suggests, Backdoors allows hackers to gain access to your website through a backdoor entry point with the intent of concealing itself from the website owner. This is typically done through outdated software, security loopholes in a code as well as default passwords. If you find your file name has changed, this is a big red flag of this type of malware infection such as lok.php. Once the file is uploaded, hackers can use this as a backdoor to upload an injector or webshell to further exploit the system.

Drive-by Downloads

website securityDrive-by downloads are the web equivalent of a drive-by shooting. It’s typically embedded on your website via some type of script injection. In other words, it injects download links into your website to get your users to download a payload onto their local machine. That payload then sends out a warning to the user that their computer has been infected and provides a link to install an “antivirus.”  This malware infection usually attacks through outdated software, compromised credentials, or an SQL infection.

Pharma Hacks

pharma hacksPharma hacks are one of the most widespread infections around. This one is actually categorized as SPAM versus malware.  It infects your website by adding SPAM links that lead to actual online pharma stores. Google will actually warn users of this potential SPAM with a pop-up of “this site may be compromised.” This SPAM is controlled code, which means it controls what the user sees, making it harder to locate. Some injections can make a nest on your server, but they serve the purpose of taking you to an online store to generate revenue for the hacker.

Malicious Redirects

website securityAs the name implies, this type of malware redirects users to a malicious website. When that visitor is redirected, that malicious website may also contain a payload that automatically downloads to the user’s computer. Or it could be just a malicious redirect without a payload. Hackers typically gain access to this injection through a backdoor or through older versions of WordPress. Detecting a redirect is not as complex as detecting some of the other infections. It is often found in your .htacess file.


How Can I Check If I Have a Malware Infection?

Since malware infections like to keep a low profile, it’s not always obvious to detect if your website’s been attacked. With that in mind, one of the easiest ways to determine if you have an infection is by using a website scanner tool. You can scan your website by using a free scanner tool like SiteCheck. These scanner tools are pretty good at detecting infections. Another option is by signing your website up with Google Webmaster Tools and verifying your website. If Google detects malware on your website it will email you beforehand notifying you of the problem before your site gets blacklisted. This warning sign will help you take steps to correct the potential threat to avoid having your website taken completely down.


How Can I Make My WordPress Site More Secure?

Several factors can make your website vulnerable to malware infections. Here are some of the most common ways.

1. Use a Strong Password. Using a weak password is one of the most avoidable security vulnerabilities. Your WordPress admin password should be strong, include multiple types of characters, symbols, and numbers, and not be used anywhere else. It would also be wise to set up two-factor authentication for an extra layer of protection.

2. Keep Your WordPress site up-to-date. If you’re running an outdated version of WordPress, it means it has known vulnerabilities. Hackers will research those sites that are operating on an older version and target them.

3. Avoid Using Outdated Plug-ins and Themes. Keeping a security plugin activated and updated is a must. This is one of the basic requirements for keeping your website secure. Using a secure plugin will allow you to keep an eye on the state of security by running regular scans and enabling a firewall for better protection.  It will also implement two-factor authentication.

4. Choose a Reliable Hosting Provider. Not all hosting providers are created equal.  Some only offer low-level security. This is exactly why you should use hosting providers that are designed for WordPress sites. Shared hosting is also a concern because it means multiple websites are being stored on a single server. If one website is hacked, the infection can gain access to the other website and use their data.

5. Run Scheduled Malware Scans. Keep tabs on potential infections with scheduled scans through services offered in the iThemes Security Pro plugin.  Armed with the knowledge to protect your WordPress site, this scan tool will give you a report of your website’s ongoing malware status along with several blacklisted statuses. It will also fix common holes, stop automated attacks and strengthen user credentials.


Final Thoughts

Bottom line, keeping your WordPress site updated is an absolute must in order to avoid potential malware infections. Hopefully, this new knowledge will help you better detect unusual activity and know the best actions to keep your WordPress site secure. If you would like any more tips on website security or you’re interested in creating a custom WordPress website through Fusion One Marketing, please reach out to us.