Site hijacking by attackers is doing increasing damage: a compromised site becomes a stepping stone for spam email, or silently redirects its visitors to other sites overseas.
This article explains how to prevent your WordPress administrator account from being hijacked.
How do hackers hijack WordPress?
Once an attacker holds WordPress administrator privileges, the administration screen itself lets them change the site's program files (for example through the built-in theme and plug-in editors, or by uploading a plug-in), so from that point they can carry out almost any unauthorized activity on the site.
One method attackers use to get there is the brute force attack: a program mechanically tries many password patterns against the administration login screen.
The attacker's tool repeats login attempts with hundreds of thousands of candidate passwords and automatically checks whether any of them succeeds. An attacker who obtains administrator privileges this way can write almost any program into your site.
How to prevent hijacking due to brute force attacks
1 Basic: make sure your WordPress login password is random and mixes uppercase and lowercase letters, numbers and symbols
The password generation button at the bottom of the user profile page produces a suitably strong password; use it rather than inventing one yourself.
2 Add a CAPTCHA to the WordPress login screen
With the WordPress Doctor Malware Scan & Security Plug-in you can add a simple arithmetic quiz, a form of CAPTCHA, to the login screen.
A login tool that only knows how to submit a username and password cannot answer the question, so it becomes much harder to repeat login attempts mechanically through the login screen. Note that attempts sent through XML-RPC (xmlrpc.php) never see the login form at all, which is why step 3 below matters as well.
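To show what such a login quiz looks like under the hood, here is an added example of a small must-use plug-in that does the same job. It is example code written for this article, not the WordPress Doctor plug-in's code. The correct answer is never sent to the browser in clear text: the hidden fields carry only an expiry time and an HMAC of the answer keyed with the site's own auth salt, and each token is accepted only once. The plug-in file name and the field names are assumptions.

```php
<?php
/**
 * Plugin Name: Login Math Challenge (example)
 * Description: Adds an arithmetic question to wp-login.php and rejects logins that do not answer it.
 * Example code for this article (not the WordPress Doctor plug-in). Copy into wp-content/mu-plugins/.
 */

const LMC_TTL = 300; // a challenge (and its token) is valid for 5 minutes

// Render the question inside the login form. Only an HMAC of "answer|expiry" goes to the client,
// so a bot cannot read the answer out of the HTML.
add_action( 'login_form', function () {
    $a       = wp_rand( 1, 9 );
    $b       = wp_rand( 1, 9 );
    $expires = time() + LMC_TTL;
    $token   = hash_hmac( 'sha256', ( $a + $b ) . '|' . $expires, wp_salt( 'auth' ) );

    echo '<p><label for="math_answer">Security check: what is ' . (int) $a . ' + ' . (int) $b . '?</label>';
    echo '<input type="text" name="math_answer" id="math_answer" class="input" autocomplete="off" /></p>';
    echo '<input type="hidden" name="math_expires" value="' . (int) $expires . '" />';
    echo '<input type="hidden" name="math_token" value="' . esc_attr( $token ) . '" />';
} );

// Check the answer. Priority 30 runs after WordPress's own username/password handlers (priority 20),
// so a wrong answer turns even a correct password into an error and the response does not reveal
// whether the password itself was right.
add_filter( 'authenticate', function ( $user, $username, $password ) {
    // Cookie-based authentication passes empty credentials; only inspect real form submissions.
    if ( empty( $username ) && empty( $password ) ) {
        return $user;
    }

    $answer  = isset( $_POST['math_answer'] )  ? trim( wp_unslash( $_POST['math_answer'] ) ) : '';
    $expires = isset( $_POST['math_expires'] ) ? (int) $_POST['math_expires'] : 0;
    $token   = isset( $_POST['math_token'] )   ? (string) wp_unslash( $_POST['math_token'] ) : '';
    $fail    = new WP_Error( 'math_challenge_failed', __( 'Security check failed. Please answer the question to log in.' ) );

    // Expired challenge, or token not matching the supplied answer (a non-numeric answer casts to 0,
    // which can never equal a sum of two digits from 1 to 9).
    $expected = hash_hmac( 'sha256', (int) $answer . '|' . $expires, wp_salt( 'auth' ) );
    if ( $expires < time() || ! hash_equals( $expected, $token ) ) {
        return $fail;
    }

    // Replay protection: a token that has already authenticated one request is burned.
    $used_key = 'lmc_used_' . $token;
    if ( get_transient( $used_key ) ) {
        return $fail;
    }
    set_transient( $used_key, 1, LMC_TTL );

    return $user;
}, 30, 3 );
```

Two caveats a practitioner should weigh before deploying something like this: the `authenticate` filter also runs for XML-RPC logins (and for any custom login form that calls `wp_signon()`), and those requests carry no quiz fields, so they will all be refused. That is a feature against the XML-RPC brute force route described in step 3, but it breaks legitimate XML-RPC clients such as mobile apps; if you need those, skip the check when `defined( 'XMLRPC_REQUEST' )` is true and rely on IP blocking for that endpoint instead.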
3 Block computers that make many login attempts
A computer that fails to log in three times can be denied access to the site for a set period. This also covers brute force attempts that never touch the login screen and instead go through XML-RPC, an internal WordPress interface (xmlrpc.php) whose requests carry a username and password of their own; blocking the attacking computer's IP address prevents administrator rights from being hijacked by either route.
Both can be enabled easily with the WordPress Doctor Malware Scan & Security Plug-in.
Brute force attacks are hard to notice because a failed attempt causes no visible harm, yet they are carried out constantly, even against small sites. The attacker's automated program also hits the login endpoint with an excessive number of requests, which can make the server very slow.
The brute force IP blocking function is therefore recommended not only for security but because it lightens the load on the site.
4 Monitor logged-in users
With the WordPress Doctor Malware Scan & Security Plug-in you can also review logs of users who logged in with administrator privileges: IP address, country, time and so on.
Check these records for logins you do not recognize.
If an unrecognized login is recorded, change the administrator password immediately, and run the malware scanner included in the plug-in to check the WordPress program files for tampering.
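Steps 3 and 4 are the two halves of the same picture: count failed attempts per address and lock the address out, and keep a record of the administrator logins that did succeed. The following added example implements both as one must-use plug-in. It is example code written for this article, not the WordPress Doctor plug-in's code, and it makes two assumptions that are stated in the comments: the site is not behind a reverse proxy (so `REMOTE_ADDR` is the client), and the thresholds of three failures and a fifteen-minute block are illustrative. The option and transient names are invented for the example.

```php
<?php
/**
 * Plugin Name: Login Lockout and Admin Login Log (example)
 * Description: Locks an IP out after repeated failed logins (wp-login.php or XML-RPC), trims the
 * XML-RPC attack surface, and records every administrator login (user, IP, time).
 * Example code for this article (not the WordPress Doctor plug-in). Copy into wp-content/mu-plugins/.
 */

const LL_MAX_FAILURES    = 3;    // the article's "three login attempts" (assumed threshold)
const LL_LOCKOUT_SECONDS = 900;  // block duration: 15 minutes (assumed)
const LL_LOG_OPTION      = 'll_admin_logins';

// Client address. Assumption: no reverse proxy in front of the site. Behind one, read the proxy's
// forwarded-for header instead, and only trust it when REMOTE_ADDR is the proxy itself; otherwise
// an attacker can spoof the header and dodge the lockout (or lock out someone else).
function ll_client_ip() {
    return isset( $_SERVER['REMOTE_ADDR'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) : '0.0.0.0';
}

function ll_failure_key( $ip ) {
    return 'll_fail_' . md5( $ip );
}

// 1. Count failures per address. wp_login_failed fires for wp-login.php and for XML-RPC methods that
//    authenticate (wp.getUsersBlogs and friends), so both brute force channels feed one counter.
//    Re-setting the transient on every failure keeps the window sliding while the attack continues.
add_action( 'wp_login_failed', function ( $username ) {
    $key = ll_failure_key( ll_client_ip() );
    set_transient( $key, (int) get_transient( $key ) + 1, LL_LOCKOUT_SECONDS );
} );

// 2. Refuse a locked-out address. Priority 30 runs after the core username/password handlers
//    (priority 20), so it overrides even a correct password while the block is in force.
add_filter( 'authenticate', function ( $user, $username, $password ) {
    if ( empty( $username ) && empty( $password ) ) {
        return $user; // cookie authentication, nothing to rate-limit
    }
    if ( (int) get_transient( ll_failure_key( ll_client_ip() ) ) >= LL_MAX_FAILURES ) {
        return new WP_Error(
            'too_many_attempts',
            __( 'Too many failed login attempts from your address. Please try again later.' )
        );
    }
    return $user;
}, 30, 3 );

// 3. Shrink the XML-RPC attack surface: system.multicall lets one HTTP request bundle many
//    authenticated calls, i.e. many password guesses. Drop it (or disable XML-RPC entirely with
//    add_filter( 'xmlrpc_enabled', '__return_false' ) if nothing legitimate uses it).
add_filter( 'xmlrpc_methods', function ( $methods ) {
    unset( $methods['system.multicall'] );
    return $methods;
} );

// 4. Record successful administrator logins for later review (step 4 of the article).
//    Kept in an option, newest last, capped at 200 entries so it cannot grow without bound.
add_action( 'wp_login', function ( $user_login, $user ) {
    if ( ! ( $user instanceof WP_User ) || ! user_can( $user, 'manage_options' ) ) {
        return;
    }
    $log   = get_option( LL_LOG_OPTION, array() );
    $log[] = array(
        'user' => $user_login,
        'ip'   => ll_client_ip(),
        'time' => current_time( 'mysql', true ), // UTC timestamp
    );
    update_option( LL_LOG_OPTION, array_slice( $log, -200 ), false );
}, 10, 2 );
```

To review the recorded logins from the server, `wp option get ll_admin_logins` (WP-CLI) prints the stored entries; anything from an address or at a time you do not recognize is the signal the article tells you to act on. Two design points: the password is still verified for a locked-out address before the filter overrides the result, which keeps the code simple at the cost of one hash check per blocked request; and the counter is per IP, so an attacker rotating through many addresses needs a per-account limit as well, which is the usual next step.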
5 Update WordPress and plug-ins as often as possible
Brute force is not the only route: administrator rights can also be hijacked by exploiting vulnerabilities in WordPress itself or in plug-ins. Such vulnerabilities are rare, but WordPress is the most popular CMS, used by hundreds of millions of sites,
so even a rare vulnerability can put hundreds of thousands of sites in danger at once.
You can check for WordPress site vulnerabilities with WordPress Doctor Malware Scan & Security Plug-in.