1.
W O R D P R E S S
C O M M O N A T T A C K S
Prevent your WordPress
Website from being hacked

2.
DETECT
MALWARE AND
INFECTIONS
Thousands of malware types and infections are active on the
Internet; fortunately, not all apply to WordPress.
We’ll look at four of the most common attacks on
WordPress users:

3.
BACKDOORS
A backdoor lets an attacker gain access to
your environment via -what you would
consider being abnormal methods- FTP,
SFTP, WP-ADMIN, etc. Backdoors are
exceptionally dangerous, the most
dangerous can cause serious damage on
your server; commonly these attack often
happens because of out-of-date software or
security holes in the code.
Like most infections, this one can be
encoded or encrypted, however, it’s not
always as simple as looking for the
encrypted code; there are several
instances in which it looks like
legitimate code. Backdoors come in all
different sizes. In some cases, a
backdoor is as simple as a file name
being changed, in other cases, the code
is embedded in a seemingly benign file
01

4.
DRIVE-BY DOWNLOADS
The point of a drive-by download is
often to download a payload onto
your user’s local machine, one of the
most common payloads informs the
user that their website has been
infected and that they need to
install an anti-virus product. There
are a number of ways this attack can
get in, the most common causes are
Out of date software, compromised
credentials (wp-admin, FTP) and SQL
injection. This kind of attacks have
been functioning as conditional
malware, this means that they are
designed with rules that have to be
met before the infection presents
itself. Using a scanner such as
SiteCheck to see whether you are
infected is possible. Scanners are
pretty good at picking up link
injections.
02

5.
PHARMA HACK
Pharma hack is one of the most prevalent infections around. It should not be confused
with malware; it’s actually categorized as SPAM. Like most SPAM-type infections,
pharma hack is largely about controlling traffic. SPAM injections can be identified by
navigating your website, looking at your ads, links, posts and pages, but, the most
effective method of detection is by enabling some type of auditing or file monitoring
on your WordPress website, in order to see when new files have been added or when
changes have been made. REMEMBER: If you’re found to be distributing SPAM, you run
the risk of being flagged by Google with the following alert: This site may be
compromised!
03

6.
MALICIOUS REDIRECTS
A malicious redirect sends a user to a malicious website. When a visitor is redirected
to a website other than the main one, the website may or may not contain a malicious
payload. The malicious redirect could be generated by a backdoor; the hacker would
scan for a vulnerability and, when they find it, upload a payload that functions as a
backdoor. Detecting a redirect is not as complex as detecting some of the other
infections, it is often found in your .htaccess file or in your PHP files (header.php,
footer.php or index.php, etc.) as an encoded redirect. There are a few ways to check
for infections like using a free scanner, such as gtmetrix or to listen to your users. You
might not detect the redirect, but sometimes a user will alert you to it.
04

7.
NEED MORE?
Or if you need help from our
professional team, contact us!
Article Source: https://www.clickittech.com/wordpress/wordpress-
common-attacks
5 Signs of
WordPress
Attacks
ClickIT Smart Technologies
Tips for
WordPress
Security
Run an
Intrusion
Audit
WordPress Optimization