Category Archives WordPress Security

WordPress is a democratic revolution when it comes to creating and hosting content. This has led to a massive upsurge in its popularity. According to the official WordPress website, it powers around 32% of internet sites. However, at times various WP sites are compromised due to attacks like the wp-config.php hack. Nevertheless, the popularity of WordPress is because of it's…

WordPress backdoor hack featured image

What is WordPress Backdoor? Thousands of WordPress sites are infected every year and the number is increasing. These hacked websites are then used to spread fraud and spam. Often the owners and developers may be unaware about the infection. The infection may be persistent or not. Thus, a WordPress backdoor helps to maintain that persistence. A Wordpress backdoor is the…

Is your WordPress website redirecting users to unknown and unsecured sites? If yes, then your website might be hacked. Such WordPress hacked redirect attacks are quite common where the malware redirects the visitors of a particular website to either spammy websites, phishing pages or hacker controlled domains. Recently we noticed that wp-admin is getting redirected to spammy ads & fake CAPTCHA…

Thanksgiving is coming (1)

BlackFriday sales have been a huge hit online. There has been a 21.6% year on year growth in buying during blackfriday with sales estimated to be worth $3.34 billion! With the buying going online, there has been an increase in hacks also. Hackers target your website or app with the sole motive of compromising your customers for financial gains. What's…

How to clean & fix WordPress eval (base64_decode) hack

Among the major CMSs used extensively by businesses worldwide, WordPress is notorious for being the most targeted by hackers, who constantly search for ways to circumvent security patches and precautions taken by users. A majority of websites run on Wordpress, rendering it an excellent hackable target for malpractices and data theft. One such hack witnessed by Wordpress users lately is…

How to remove the Backdoor: PHP/apiword malware from your WordPress website

Lately, Wordpress witnessed a perilous situation when it discovered a malicious code added to the top of the functions.php file, exploiting which the malware creator can unleash pretty much any damage he'd like. The injected code comes from the apiword malware which not only creates modifications in post.php and functions.php, but also creates a file containing a backdoor: /wp-includes/class.wp.php The presence of the functions.php file is…

Is your website an important marketing platform for your business? Do you like it as an elite commercial? The WordPress WooCommerce security vulnerability is a sensitive issue that is important to take into account? It is said that the majority of these systems are vulnerable to the attacks of the first apprentice hacker. Yet they can also protect themselves very well. The WooCommerce…

With each passing day, cases of WordPress infection that redirects visitors to suspicious pages is getting common.  Recently, a vulnerability was discovered in tagDiv Themes and Ultimate Member Plugins. In this WordPress redirect hack visitors to your website are redirected to phishing or malicious pages. In this hack, users, when redirected, are taken to irritating pages with arbitrary URL hxxp utroro.com/xyz  or  hxxp://murieh.abc/xyz…

WordPress File or  Folder Permissions- Something that is easily forgotten When we talk about securing our WordPress account, we tend to discuss security plugins and extensions mostly which, no doubt is an important aspect of it. But, ignoring file permissions altogether can prove to be immensely dangerous for your WordPress website. To begin with, let us know what WordPress file…

Close