Following up on my previous post about this blog being compromised, I decided that the post entitled “Blogosphere Alert: Prevent your WordPress blogs from being hacked!” deserves a companion piece that exposes the different ways a WordPress blog can be compromised or hacked. We all know that WordPress blogs are written in PHP and run on a MySQL database provided by a web host.
To do damage to a WordPress blog, most hackers introduce malicious code that triggers unwanted actions through PHP code snippets. One way is SQL injection. SQL injection refers to someone inserting a MySQL statement to be run on your database without your knowledge. It usually occurs when you ask a user for input, such as their name, and instead of a name they give you a MySQL statement that you then unknowingly run on your database.
Another form of attack is cross-site scripting (XSS), a type of web application vulnerability that allows malicious web users or cyber criminals to inject code into the web pages viewed by innocent users. It is commonly exploited in phishing attacks to steal sensitive data such as credit card information, and most of the time the victim is unaware that the web page is already stealing his or her valuable information.
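Both defects described above, as an added example that is not part of the original post: plain PHP using PDO with an in-memory SQLite table standing in for the blog's MySQL database, so it runs stand-alone. The table, rows and inputs are constructed for the demonstration, and each vulnerable function is shown beside its hardened form.

```php
<?php
// Added example, not from the original post. In-memory SQLite stands in for MySQL;
// the table and rows below are constructed so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)");
$db->exec("INSERT INTO users (name, role) VALUES ('alice', 'admin'), ('bob', 'subscriber')");

// 1. SQL injection: the "name" supplied is an SQL fragment rather than a name.
$input = "x' OR '1'='1";   // constructed hostile input

// Vulnerable: the input is pasted straight into the statement text, so the
// quote in the input ends the string literal and the rest becomes SQL.
function lookup_vulnerable(PDO $db, string $name): array {
    $sql = "SELECT name, role FROM users WHERE name = '$name'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: a prepared statement sends the input as a bound value, so it is
// compared literally and can never change the structure of the query.
function lookup_safe(PDO $db, string $name): array {
    $stmt = $db->prepare("SELECT name, role FROM users WHERE name = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

echo "vulnerable query returned " . count(lookup_vulnerable($db, $input)) . " row(s)\n"; // every user leaks
echo "prepared statement returned " . count(lookup_safe($db, $input)) . " row(s)\n";   // no user has that name

// 2. XSS: a visitor's comment containing markup is rendered to other readers.
$comment = '<script>alert("xss")</script>';   // constructed hostile comment

// Vulnerable: the stored comment is echoed into the page as-is.
function render_vulnerable(string $comment): string {
    return "<p>$comment</p>";
}

// Hardened: encode for the HTML context so the browser shows text, not a script.
function render_safe(string $comment): string {
    return "<p>" . htmlspecialchars($comment, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "</p>";
}

echo render_vulnerable($comment), "\n";   // a browser would execute the script
echo render_safe($comment), "\n";         // the tag is shown as literal text
```

In a real WordPress plugin or theme the same rule applies through the platform's own helpers: build queries with `$wpdb->prepare()` and escape output with `esc_html()` or `esc_attr()` before it reaches the page.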
The most common exploit on a dedicated server is a script exploit that gives the hacker non-root access to the server. The hacker passes the script variables and commands in an HTTP URL; the vulnerability is that the script allows those commands to run, which gives the hacker access, though only to the /tmp directory. Their next step is to upload scanning tools and launch a DDoS attack against another server. Because they don't have root access, removing all their files and stopping all their processes will get rid of them, but if the vulnerable scripts are not removed, chances are they will come back.
Another technique often used to attack websites from a remote computer is Remote File Inclusion (RFI). RFI attacks allow malicious users to run their own PHP code, called a webshell or PHP shell. A webshell can list the files and folders on the server and allows editing, adding or deleting files, which could also be used to gain administrator-level or root access on the server.
Being familiar with these vulnerabilities will give you an idea of how vital your PHP scripts are to your WordPress blog's security. Don't pretend to be a know-it-all guru; most tech bloggers' blogs, especially established ones, have been compromised at some point. It doesn't hurt to ask about what you don't know. If you find that hard to believe, do your research. Your call!