Can a WordPress site get a virus? Absolutely. If you were running a logging application on your site, you’d probably find that it was crawled and pinged and bounced on multiple times by bots attempting to access your WordPress website. Viruses happen. Just as PCs get viruses, web servers do as well, and often these viruses embed themselves within your website’s code. I am a firm believer that viruses infect PCs more than Macs because there are more potential victims, i.e. more PC users than Mac users. This is evident in the upswing of ‘Mac-attacks’ from malicious code. The same is true of WordPress. As more and more people turn to this open source platform for web development, the market for the development of WordPress hacks is growing. WordPress developers have stayed ahead of this upswing in attempted hacks, as outlined in the table (source: National Vulnerability Database, keyword search ‘wordpress’).
Why do websites get hacked?
Money. Ultimately it’s all about making a dollar. The most prevalent types of infections are URL redirects and search engine result modifications. Just as with computer viruses, the developers are ultimately attempting to have someone pull out their credit card: porn sites, male enhancement, and other big-money industries. Other redirects will take you to rogue websites that inform you that you are infected with viruses, attempt to infect your computer with the virus, then have you pay to have it removed. This is also known as ‘Rogue-antivirus’. Basically, they are using your website as a stepping stone and launching platform to get more victims.
Where do these hacks come from?
All around the world, but most commonly from Russia and Eastern bloc countries. Shortly after the Cold War ended, the government collapsed, the economy collapsed, and many very, very smart engineers became unemployed. This isn’t to say that Kenya or California don’t produce the same caliber of hackers, but rather that there is a larger percentage of attacks from these areas.
How do they hack your WordPress site?
Dumb-bots and smart people, or smart-bots and dumb people. Either way, they are either using a bot, similar to a search engine’s, that crawls the web looking for vulnerabilities, or they are systematically finding sites with vulnerabilities and targeting them directly. A bot will usually use a HEAD request (the first part of an HTTP request) and attempt to access wp-admin/post.php, wp-content/plugins.php, or use any other HTTP method. The bot will also try to exploit the database through various SQL commands and queries, or find vulnerabilities via RPC and trackback.
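One way to spot this probing in your own access log, as an added example that is not from the original post. It assumes Apache/Nginx combined log format; the function name, the threshold and the sample lines are constructed, and xmlrpc.php and wp-trackback.php are added as WordPress's XML-RPC and trackback endpoints.

```python
import re
from collections import Counter

# Combined Log Format: ip - - [time] "METHOD path HTTP/x" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3})')

# Paths named in the post, plus WordPress's XML-RPC and trackback endpoints.
PROBED = ("/wp-admin/post.php", "/wp-content/plugins.php",
          "/xmlrpc.php", "/wp-trackback.php")

def probe_counts(log_lines, threshold=3):
    """Return {ip: hits} for clients with at least `threshold` probe-like requests.

    A request counts as probe-like when it targets one of PROBED and is either
    a HEAD request or was refused/not found (401, 403, 404).
    """
    hits = Counter()
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        ip, method, path, status = m.groups()
        path = path.split("?", 1)[0]  # ignore the query string
        if path in PROBED and (method == "HEAD" or status in ("401", "403", "404")):
            hits[ip] += 1
    return {ip: n for ip, n in hits.items() if n >= threshold}

# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2011:13:55:36 +0000] "HEAD /wp-admin/post.php HTTP/1.1" 302 0 "-" "-"',
    '203.0.113.7 - - [10/Oct/2011:13:55:37 +0000] "HEAD /wp-content/plugins.php HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.7 - - [10/Oct/2011:13:55:38 +0000] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "-"',
    '198.51.100.4 - - [10/Oct/2011:14:01:02 +0000] "POST /wp-admin/post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Oct/2011:14:01:05 +0000] "GET /2011/10/hello-world/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(probe_counts(SAMPLE_LOG))
```

The logged-in author at 198.51.100.4 is not counted, because a normal POST to wp-admin/post.php that succeeds is ordinary editing traffic.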
What does the virus do on my WordPress site?
URL redirects: Someone finds your site from another source like Google, clicks the link, and it takes them somewhere else. Once this virus gains access, it will try to write to your .htaccess file and create conditional redirects that depend on the HTTP source the visitor came from, such as Google, Yahoo, Ask, MSN, Bing, etc., and basically tell the browser to go to a different website.
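A check for this kind of injected rule, as an added example that is not from the original post: it flags any RewriteRule that follows a search-engine referrer condition and points at a host other than your own. The function name and the sample .htaccess are constructed; supercows.com is the post's example domain and redirect-target.example is a placeholder.

```python
from urllib.parse import urlparse

# Search engines the post lists as referrer triggers.
ENGINES = ("google", "yahoo", "ask", "msn", "bing")

def find_referrer_redirects(htaccess_text, own_host):
    """Return [(line_no, rule)] for RewriteRules that send visitors arriving
    from a search engine to a host other than own_host."""
    findings = []
    pending = False  # True while a referrer condition awaits its RewriteRule
    for no, raw in enumerate(htaccess_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        directive = parts[0].lower()
        if directive == "rewritecond" and len(parts) >= 3:
            on_referrer = parts[1].upper() == "%{HTTP_REFERER}"
            if on_referrer and any(e in parts[2].lower() for e in ENGINES):
                pending = True
        elif directive == "rewriterule":
            if pending and len(parts) >= 3:
                host = urlparse(parts[2]).hostname  # None for "-" or local paths
                if host and host != own_host and not host.endswith("." + own_host):
                    findings.append((no, line))
            pending = False  # conditions apply only to the next RewriteRule
    return findings

# Constructed sample: the stock WordPress block followed by an injected redirect.
SAMPLE = r"""# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [OR]
RewriteCond %{HTTP_REFERER} .*bing.*
RewriteRule ^(.*)$ http://redirect-target.example/ [R=301,L]
"""

if __name__ == "__main__":
    for line_no, rule in find_referrer_redirects(SAMPLE, "supercows.com"):
        print(f"line {line_no}: {rule}")
```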
Search Engine Modifications (Cloaking): This website virus modifies your site pages with hidden code that you cannot see when you look at your site, but the search engines can, and they index this data. This hack embeds encrypted code in various PHP files and is handled by scripts that create text and links, meta and regular content data that is not displayed within your browser but is indexed by search engines, leading to erroneous search results for your site. For example, your site is supercows.com and when googled, you get results for male enhancement or porn.
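A way to check your own pages for this, as an added example that is not from the original post: it compares two saved copies of the same page, one fetched as a browser and one fetched with a search-engine crawler's User-Agent, and reports links and meta text that only the crawler copy contains. That the injected script varies its output by requester is an assumption; the class and function names and both HTML samples are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class PageFacts(HTMLParser):
    """Collects outbound link hosts and meta description/keywords text."""
    def __init__(self):
        super().__init__()
        self.hosts, self.meta = set(), set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            host = urlparse(a.get("href") or "").hostname
            if host:
                self.hosts.add(host.lower())
        elif tag == "meta" and (a.get("name") or "").lower() in ("description", "keywords"):
            self.meta.add((a.get("content") or "").strip().lower())

def facts(html):
    parser = PageFacts()
    parser.feed(html)
    parser.close()
    return parser

def crawler_only(browser_html, crawler_html, own_host):
    """Return link hosts and meta text present only in the crawler's copy."""
    b, c = facts(browser_html), facts(crawler_html)
    hosts = sorted(h for h in c.hosts - b.hosts if h != own_host)
    return {"hosts": hosts, "meta": sorted(c.meta - b.meta)}

# Constructed sample: the same page as served to a browser and to a crawler.
BROWSER = """<html><head><meta name="description" content="Fresh milk from happy cows">
</head><body><a href="http://supercows.com/about">About</a></body></html>"""
CRAWLER = """<html><head><meta name="description" content="Male enhancement offers">
</head><body><a href="http://supercows.com/about">About</a>
<a href="http://pills-shop.example/buy">buy</a></body></html>"""

if __name__ == "__main__":
    print(crawler_only(BROWSER, CRAWLER, "supercows.com"))
```

An empty result for both keys means the two copies advertise the same links and meta text; any entry is content the site shows to search engines but not to you.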
How to remove a WordPress virus?
Trying to track down and remove a virus on your WordPress site can often be like a dog chasing his tail. You clean one problem and find two more. There is an abundance of resources available, and wordpress.org has multiple reliable sources. Start here: http://wordpress.org/tags/virus and try to find posts similar to the issues you are having. You can also check out their FAQs section. Ultimately though, sometimes the easiest and only solution for the average user who is not familiar with the back-end technology is to start fresh with a clean installation of WordPress.
How to Prevent a WordPress virus?
Updates. Just like Windows updates are important to your PC, WordPress and plugin update releases are important to your site. Keep your WordPress installation up to date.
Back it up! Back up your site regularly. There are various methods, but if you’re constantly backing up your data, you can simply brush off a hack, kill the site, reinstall, and import your data. You’re back up and running. Your web hosting provider may offer various database backup options or do it automatically for you, or you can choose a DB backup plugin such as WP-DB-Backup. You can use the Import/Export tools in the wp-admin control panel to back up content in an XML file format, and you can also back up files and folders on your site using an FTP application. If you’re a daily poster, I recommend backing up content daily, and files/folders weekly. It’s ultimately up to you.
Other Tools. There are dozens of other WP security plugins available. I’ve been waiting for that all-inclusive, McAfee or Norton type application that offers the WordPress site real-time protection, virus scans, password encryption and protection, and all that other jazz. No luck. But just as in the world of computer protection, I believe the best defense is ensuring you stay on top of your plugin and WordPress updates, and keeping your website backed up. Besides, antivirus software slows performance, and that is one thing I do not want to see on any of my sites. One plugin that does stand out, though, is Secure WordPress, a simple plugin that focuses on what drives WordPress hackers to try and gain access to your site. It removes information such as WP version and update information, and blocks bad SQL queries, to name a few. Just as in battle, information is key, and if you deny your enemy information about your defenses, you’re that much less likely to be attacked.



dumb bots and smart people – nice