
How to scan WordPress for Malware or Malicious Code

With online crime growing every year, it is important to learn how to protect yourself and your website, especially if your income depends on it.

Anyone with a website is a potential target, but anyone running an unchanged, default WordPress install (for example with the username “admin” and a weak password) has a large red target painted on their back, and sooner or later some criminal will get in and do serious damage.

Why do you need to scan your site?

It may seem that the first step towards a secure website is to harden it so that nobody can get in. The bad news is that your site may already have been hacked. Someone with bad intentions may already have access, and malware may already be injected into your files as we speak. You may simply be blind to it because you have no measures in place to tell you that something bad is happening.

When people think of a website being attacked, they probably picture a typical defacement. A defacement is when the attacker replaces what the page normally displays with something else, usually the attacker’s pseudonym in lights and colours.

But as a rule, attackers who gain access to a website wait a while before they change anything visible. Then they quietly start planting malware scripts on the site. Simply having access is not the attacker’s real intention; the intention is much worse than that.

The attacker’s goals may include:

  • Phishing for usernames, passwords, emails or other data you would prefer to keep private.
  • Making your visitors download malware (trojans, viruses) by injecting scripts into your pages.
  • Inserting code that does other things, for example creating a backdoor, monitoring user activity or stealing the data submitted in a form.
  • Redirecting your visitors to a site that serves malware.

One reason it is important to run a scanner instead of simply visiting your website is that the attacker may know your IP address (or detect the cookie that logs you into the admin area) and have added code that shows you the site with nothing strange on it. That leads you to believe everything is fine while your visitors are being served malware, which ruins your reputation and can also get you dropped from Google’s index and placed on the Safe Browsing blocklist that makes Google Chrome warn visitors that your site is dangerous. For the same reason, check the site from a different network and with a different User-Agent (for example a search-engine crawler’s), since redirect malware is often triggered only for visitors arriving from search engines.

So if you are only now starting to implement WordPress security measures, it is all the more important to first check that there is no malware or other threat on your website right now.

Use a “Site Checker”

These days you can quickly and easily check for malware with any of a number of free services.

Bear in mind, though, that these services only check whether your home page and other publicly reachable pages include malicious scripts or try to make visitors download malware.

Services to be used:

  • Sucuri sitecheck
  • Virustotal
  • Quttera

These services are easy to use: type the URL, click the Scan button, and the service does the rest. If it comes back clean, you do not have to worry for the moment.

The problem with these services is that if the malware sits on a page that is not publicly reachable (one that is not linked from anywhere, not in the sitemap, or behind a login such as the WordPress admin panel), they will not find it.

Sucuri itself says: “Sucuri SiteCheck is a free and remote browser. While we do everything we can to provide the best results, 100% accuracy is unrealistic and not guaranteed.”

At the end of the day, a site checker like the ones above is a good way to do an initial check if you suspect something strange on your site, but if you are trying to clean up a site that has been hacked, leaving it at that is not a good idea.

Use a scan plugin

There are plugins dedicated to scanning, but some WordPress security plugins, Wordfence for example, offer a site scan as well. These plugins usually look for known malicious code, and some go a step further and compare the WordPress core files, as well as themes and plugins, against the originals. If they find any irregularity, they give you a list of all the changes.

Wordfence is set by default to compare the WordPress core files for changes, and has an option to do the same for plugin and theme files (highly recommended if you suspect your site has been tampered with).

The scan options are under the Wordfence settings. For a first scan, I recommend these options:

Depending on the volume of images on your site, you may not want to scan image files as if they were executable, because it slows the scan down considerably. It is worth enabling at least once, though: PHP code hidden inside a file with an image extension in wp-content/uploads is a common way of planting a backdoor.

One thing to keep in mind when scanning theme and plugin files is that the results will include log files and other files that legitimately change as the plugin is used. Likewise, if you or a developer have edited your theme’s core files, those edits will show up as warnings too. So do not worry if your scan shows warnings like the ones in the photo below.

Using the Wordfence scanner is a good way to check whether you have any kind of malware or threat anywhere on your site. In fact, it’s the plugin I used to make sure I had completely cleaned up after an attack on one of my WordPress websites a few months ago.

Another great feature is that it lets you repair or delete the flagged files from the WordPress dashboard, without having to go in via FTP or a file manager.

Unlike the web-based scanners above, which only look at the rendered pages, it searches through all the files on the server.

Other scanning plugins that can be used:

Wemahu: a malware scan plugin that unfortunately does not seem to be under active development right now.

Theme Authenticity Checker (TAC): a plugin that checks every installed theme for malicious code, including obfuscated code and unwanted links in the footer or elsewhere.

Do it manually

The main technique for manually searching for malware in WordPress files is simply to look for differences between the code and file sizes of your installed WordPress core, themes and plugins and the copies in the official repository. A simple (but slow) way is to download fresh copies of the core, your themes and plugins, and compare the files one by one. Compare contents (or hashes), not just sizes: an injection that replaces code with a payload of the same length is invisible to a size check. If you have WP-CLI on the server, wp core verify-checksums does the core comparison against the checksums published by WordPress.org for you.

If you keep the images you upload to your blog in a folder on your computer or in a cloud service like Dropbox, you can also check that the sizes of the images remain the same.

Bear in mind, though, that if you do not optimize images before uploading them, their sizes may have changed during the upload process. The same is true if you use an image optimization plugin. In either case most image sizes will differ from your local copies, and a size comparison can no longer tell you whether something has been appended.

The obvious problem with this method is the time it takes. For larger sites with thousands of images, doing it by hand is madness.

If you know how to use one, you can use a scraper or script to collect most of the data and then compare it in a spreadsheet or other software.

As for removal, delete the files in question and replace them with fresh copies from the official downloads. Files that have no clean original (wp-config.php, .htaccess, anything under wp-content/uploads) have to be inspected by hand; PHP files under uploads in particular have no business being there. After cleaning, change every password and the authentication keys and salts in wp-config.php, otherwise the attacker simply walks back in through the same door.

Use a plugin or service to monitor changes to code or files

To catch someone planting malicious code or malware as soon as it happens, you can use a plugin or service that monitors changes to your code and files.

Sucuri not only records changes made through WordPress, it also emails you immediately every time a file changes (and every time there is a failed, or otherwise noteworthy successful, login attempt). This lets you react quickly to malicious changes on your website.

There are also services like CodeGuard. These monitor any changes to existing files and the addition of new ones, and send you easy-to-understand reports at regular intervals. All you need to do is take a quick look, and if you see changes that you (or the staff in charge) did not make, investigate those files more closely.
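The manual comparison in the previous section and the change monitoring described here are the same operation with different inputs: hash every file in a tree, then diff two sets of hashes. The script below is an added example written for this article, not code from Sucuri, CodeGuard or WordPress. Used one way (reference = a fresh download, current = the live site) it is the manual core, theme and plugin comparison; used the other way (reference = yesterday’s saved manifest of the live site) it is change monitoring. It reports files that legitimately differ from a fresh download (wp-config.php, .htaccess, media under wp-content/uploads) in a separate bucket so that real anomalies stand out, but deliberately treats PHP under uploads as an anomaly. The reference and live trees it compares are constructed inline.

```python
"""Added example (not from the article, Sucuri or CodeGuard): a SHA-256
manifest of a directory tree and a diff between two manifests.  Reference =
fresh download gives the manual core/theme/plugin comparison; reference =
yesterday's saved manifest gives change monitoring.  Sample trees are
constructed for the demonstration."""
import hashlib
import json
import tempfile
from pathlib import Path
from typing import Dict, List

# Paths that legitimately differ between a fresh download and a live site.
EXPECTED_LOCAL_FILES = {"wp-config.php", ".htaccess"}
EXPECTED_LOCAL_DIRS = ("wp-content/uploads/",)


def is_expected_local(rel: str) -> bool:
    """Site-specific files, except PHP under uploads, which is never legitimate."""
    if rel in EXPECTED_LOCAL_FILES:
        return True
    return rel.startswith(EXPECTED_LOCAL_DIRS) and not rel.lower().endswith(".php")


def build_manifest(root: Path) -> Dict[str, str]:
    """Relative POSIX path -> SHA-256 hex digest for every file under root."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            h = hashlib.sha256()
            with p.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    h.update(chunk)
            manifest[p.relative_to(root).as_posix()] = h.hexdigest()
    return manifest


def save_manifest(manifest: Dict[str, str], path: Path) -> None:
    path.write_text(json.dumps(manifest, indent=1, sort_keys=True))


def load_manifest(path: Path) -> Dict[str, str]:
    return json.loads(path.read_text())


def diff_manifests(reference: Dict[str, str], current: Dict[str, str]) -> Dict[str, List[str]]:
    """Classify every path as modified, added, missing or expected_local."""
    result: Dict[str, List[str]] = {"modified": [], "added": [], "missing": [], "expected_local": []}
    for rel in sorted(set(reference) | set(current)):
        if rel in reference and rel in current:
            if reference[rel] != current[rel]:
                result["expected_local" if is_expected_local(rel) else "modified"].append(rel)
        elif rel in current:
            result["expected_local" if is_expected_local(rel) else "added"].append(rel)
        else:
            result["missing"].append(rel)
    return result


def write_tree(root: Path, files: Dict[str, str]) -> None:
    for rel, body in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)


# Constructed "fresh download" and "live site" trees.
REFERENCE_TREE = {
    "index.php": "<?php require 'wp-blog-header.php';",
    "wp-admin/index.php": "<?php // admin dashboard",
    "wp-includes/functions.php": "<?php function wp_example() { return 1; }",
    "wp-includes/version.php": "<?php $wp_version = '6.0';",
}
LIVE_TREE = {
    "index.php": "<?php require 'wp-blog-header.php';",
    "wp-admin/index.php": "<?php // admin dashboard",
    # Same length as the original: a size-only check would miss this edit.
    "wp-includes/functions.php": "<?php function wp_example() { return 2; }",
    # version.php is absent here, so it is reported as missing.
    "wp-config.php": "<?php define('DB_NAME', 'wp');",               # expected local
    "wp-content/uploads/2023/photo.jpg": "JFIF...",                  # expected local
    "wp-content/uploads/2023/cache.php": "<?php eval($_POST['x']);",  # PHP in uploads: added
    "wp-includes/js/wp-embed.php": "<?php // dropped backdoor",      # not in reference: added
}


def demo() -> Dict[str, List[str]]:
    """Hash the reference tree, round-trip the manifest through JSON the way a
    stored monitoring baseline would be, then diff it against the live tree."""
    with tempfile.TemporaryDirectory() as tmp:
        ref, live = Path(tmp, "reference"), Path(tmp, "live")
        write_tree(ref, REFERENCE_TREE)
        write_tree(live, LIVE_TREE)
        baseline = Path(tmp, "baseline.json")
        save_manifest(build_manifest(ref), baseline)
        return diff_manifests(load_manifest(baseline), build_manifest(live))


if __name__ == "__main__":
    for bucket, paths in demo().items():
        print(f"{bucket}: {paths}")
```

For monitoring, run build_manifest and save_manifest from a daily cron job and diff against the previous day’s file; store the baseline somewhere the web server cannot write, otherwise an attacker with file access simply updates the baseline along with the backdoor.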

Conclusion

Scanning for malware and threats is a vital part of keeping a website safe and profitable, and absolutely necessary if your site’s security has been neglected in the past. The good news is how easy it is to do.

Have you ever had a security breach in a WordPress site, or even discovered malware and other threats? How did you find them? Share it with a comment below.😀

The post How to scan WordPress for Malware or Malicious Code appeared first on Naijforum.
