Navigation X

Protect your WordPress from malware / spoofed codes

 11

Protect your WordPress from malware / spoofed codes

by Leakbot -
Leakbot Well-known member
197,209
63,547
133
This Thread had not been rated yet

6EHQA5V.png

Detailed guidance on how to protect and increase the security of your WordPress site.

Better safe than sorry!

To make sure you are running a safe version of the theme or plugin you download from NulledForums, we advise you to install Wordfence plugin from WP store.

https://wordpress.org/plugins/wordfence/

The plugin above includes real-time malware scanning and it finds the most common obfuscated codes. The free version of the plugin covers just about everything you need. Of course, this plugin is not something you can be 100% sure is always accurate. Web devs are finding nasty ways to inject codes and manual inspection is highly recommended. Don't trust anyone or any site which offers nulling content, not even this site as the content here is provided by site users.

Wordfence in action
After doing a scan, it shows that there are no file changes nor malware and/or spoofed codes, the vulnerability part means that plugins are outdated as shown on the image below.

Mzutuog.png


More advanced code inspection

The more advanced way of checking for spoofed codes would be manually searching through files.

You can use Notepad++ and then Find-In-Files option which you can find on search part.
screenshot-174.png


What to search for?
  • wp_vcdis a common WordPress malware backdoor which sends information to attackers server. if you find this, either remove the complete function or DO NOT install it.
  • base64a very nasty way of obfuscating scripts which sends back information to attackers server.

There are more cases, but those two are the most common one.

screenshot-175.png


Additional security steps
  • Change /wp-admin location and don't include it as a visible link which can be seen through inspect element or page source.
  • Include reCaptcha protection on every login / register / password reset pages to stop common brute-force attacks.
  • Encrypt origin server with SSL (for example Let's encrypt and if you are using Cloudflare use full-strict crypto mode).
  • Use page rules from cloudflare to protect your admin login page with whitelisted IPs.

There are many more steps you can utilize, but if you need all of this you are already an experienced web dev that already knows more than enough to do it alone.
 
This Thread had not been rated yet
You must log in or register to reply here.


About Leakforums.su

Leakforums.su is a community forum that suits basically everyone. We provide cracking tutorials, tools, leaks, marketplace and many more stuff! You can also learn many things here, meet new friends and have a lot of fun!
If you would like to contact us, you can send our staff team a message.

Navigation

Extras

Help

Account

Top Bottom