Help, my WordPress has been hacked!

You may have spent a lot of money to have a website built for your business in WordPress.
Or you have invested a lot of time yourself to set up a website with WordPress.

And then... your WordPress website is suddenly hacked.

How is that possible?

  1. Is the WordPress website not well made?
  2. Is someone targeting your website?
  3. Have the credentials been leaked?

99.9% of all WordPress website hacks are carried out by a virus, script or malware

These are programs that test and hack thousands of websites at the same time. Without even one person involved.

Is WordPress that leaky then?

No, WordPress is not the problem.

The problem is the plugins that are used.
The plugins are not always updated and the programmers do not always keep the plugins secure.

Plugins are often the cause of your hacked WordPress website

Hackers can download many plugins for free and test them for security vulnerabilities.

When hackers have found a security vulnerability in the plugin, they write a script that checks large numbers of WordPress websites every day for the presence of those plugins, after which an injection or command takes place through that plugin.

Viruses can perform injections and commands via plugins (Technical)

Injections? Commands?
Those are the terms that describe how a virus, script or piece of malware works.

The injection
Via the leaky plugin, all unwanted data is injected into your database or on the server in one go.
It only takes a virus 1 second to put advertising in ALL your pages and posts – hence the injection.

The command
A virus can give commands to the server via a leaky plugin. In this way, various files containing malware can be placed.

Think of malware that encourages your server to spam other websites or email addresses of people.

My WordPress website has simply been hacked, what can I do?

You must first reverse the consequences of the hack, and then secure the WordPress website so that it cannot happen again.

We do this 7 days a week, we remove the hacks and secure WordPress websites for a fixed affordable rate.
With warranty. Click here if you want your website quickly repaired and secured by WordPress professionals.

Repair your hacked WordPress website yourself

The step-by-step plan to restore your hacked WordPress website:

  1. Determine the date your website was hacked
    When was the aforementioned injection or command executed?
    You can see this from the modification dates of files on the server; if that is not clear, use your own judgement.
  2. Restore a backup of at least 1 week before the hack took place
    You may be able to restore a backup from when your website has not yet been hacked.
    Some web hosts store backups of your website, sometimes for 1 week but sometimes for 1, 2 or 3 months.
    Keep in mind that a backup is a step back in time, so news items, users, WooCommerce purchases and the like are NOT up-to-date in the old backup. Therefore, make a backup of the current state before you restore one.
  3. Check the website for suspicious files and activities & back doors
    – Check which files are on the server, whether they belong there.
    – Check which users have administrative rights and whether this is correct.
    – Remove back doors.
    Backdoors are regularly installed, even before a hack actually becomes visible. That backdoor is literally an open door for the malware to be able to execute the injection and commands again.
  4. Update your WordPress, plugins and theme
    Make sure everything is up to date.
    TIP: We often replace the plugins and WordPress on the server completely with fresh downloads, so you can be sure that there are no unwanted files or lines of code on the server.
  5. Submit your website to Google webmaster tools
    In Google’s webmaster tools, go to the security center and check whether the website is listed as hacked there.
  6. Check your website for free at Sucuri
    Scan your website with the Sucuri Malware Scanner

Is your hacked WordPress website now hack-free?

If your hacked website is now hack-free and you are sure that hacking bots cannot access your website, the protection begins.

  1. Check your plugins for security vulnerabilities
    wpvulndb.com has a search tool that can help you find out whether your plugins currently have a leak, or whether they have often been hacked in the past. If a plugin is unsafe, choose an alternative.
  2. Install and configure a security plugin
    A security plugin stops many hacking bots. It is important to set it up properly, so take your time.
  3. Monitor your website weekly or at least once a month
    Check the security logs of the server regularly to see if everything is still going well.

Don’t have time to check your website?

To read the logs? To do Google webmaster tools or other scans?

Leave that to us! We take care of your WordPress website for an affordable monthly rate.
We work with WordPress 7 days a week, for more than 10 years.

Choose convenience and security: Let us secure your WordPress website.

Website malware, what is it? How do I get rid of malware?

I have malware on my website. MALWARE.. what should I imagine when it comes to malware? Can you eat malware?

Short explanation: what is malware?

Malware is malicious software created by criminals. Malware should not be in your website.
Malware comes in all forms: viruses, trojan horses, rootkits, spyware, dialers, botnets, malicious websites, tracking cookies and more.

How malware gets into your website

Malware can easily enter your website via a leaky plugin, an outdated plugin or WordPress version.
Malware is not human-driven, so it grabs every website it can find on Google. Also your hobby site or your small business website.

What does malware do?

Malware “in your website” is actually incorrect. It sometimes shows itself visually in your website when it places links to other websites, but 9 times out of 10 the malware is secretly active on the server.

Your website has the access and rights to have the server execute commands. Once malware is “in your website” and therefore on the server, the malware can issue commands to the server.
Those commands from malware vary:

  1. Malware can: Send spam to email lists (Thousands of emails).
  2. Malware can: Search and infect other websites on the Internet.
  3. Malware can: forward your login details to a hacker.
  4. Malware can: Change payment information in your WooCommerce webshop to that of a hacker.
  5. Malware can: Offer viruses to your website visitors.
  6. Malware can: Create pages in your website that ask for customer passwords.
  7. And more..

You now know WHAT malware is, HOW malware gets into your website and what the malware DOES.

But now the most important thing,

How do I get rid of malware?

We are specifically talking about malware in your website here. And more specifically, malware in your WordPress website.

This is a step-by-step plan that you can follow to remove the malware from your WordPress website (and therefore from the server):

  1. Determine the date the malware first entered your website
    You can see this from the modification dates of files on the server; if that is not clear, use your own judgement.
  2. Restore a backup of at least 1 week before the malware entered your website
    You may be able to restore a backup from when your website was malware-free.
    Some web hosts store backups of your website, sometimes for 1 week but sometimes also for 1, 2 or 3 months.
    Keep in mind that a backup is a step back in time, so news items, users, WooCommerce purchases and the like are NOT up-to-date in the old backup. Therefore, make a backup of the current state before you restore one.
  3. Check the website for suspicious files and activities & back doors
    – Check which files are on the server, whether they belong there.
    – Check which users have administrative rights and whether this is correct.
    – Remove backdoors. A backdoor is also malware, but one that specifically keeps the door open to your server to allow more malware in.
    Backdoors are regularly installed, even before a hack actually becomes visible. That backdoor is literally an open door for the malware to be able to execute the injection and commands again.
  4. Update your WordPress, plugins and theme
    Make sure everything is up to date.
    TIP: We often replace the plugins and WordPress on the server completely with fresh downloads, so you can be sure that there are no unwanted malware or lines of code on the server.
  5. Submit your website to Google webmaster tools
    In Google’s webmaster tools, go to the security center and check whether the website is listed as hacked or infected with malware there.
  6. Check your website for free at Sucuri
    Scan your website with the Sucuri Malware Scanner
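Steps 1 and 3 and the tip in step 4 can be partly automated. The Python below is an added example, not the authors' own tooling: it groups files by modification date to show when a burst of changes happened, and compares the server copy with a freshly downloaded clean copy by SHA-256. The folder names and sample files are constructed, and because modification dates can be altered, the clean-copy comparison is the more reliable of the two checks.

```python
import hashlib
import os
import tempfile
from collections import defaultdict
from datetime import datetime
from pathlib import Path


def modification_timeline(root):
    """Step 1: map each calendar date to the files last modified on it."""
    root = Path(root)
    timeline = defaultdict(list)
    for path in root.rglob("*"):
        if path.is_file():
            day = datetime.fromtimestamp(path.stat().st_mtime).date().isoformat()
            timeline[day].append(path.relative_to(root).as_posix())
    return {day: sorted(files) for day, files in sorted(timeline.items())}


def sha256_of(path):
    """Hash a file in chunks so large uploads do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def compare_with_clean_copy(installed, clean):
    """Step 3 and the tip in step 4: compare the server copy with a fresh download.

    Returns (extra, changed): files that exist only on the server, and files
    whose content differs from the clean copy. Site-specific files such as
    uploads or wp-config.php will show up as extra and need a manual look.
    """
    installed, clean = Path(installed), Path(clean)
    extra, changed = [], []
    for path in installed.rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(installed)
        reference = clean / rel
        if not reference.is_file():
            extra.append(rel.as_posix())
        elif sha256_of(path) != sha256_of(reference):
            changed.append(rel.as_posix())
    return sorted(extra), sorted(changed)


def build_sample(base):
    """Constructed sample: a clean plugin download and a tampered server copy."""
    base = Path(base)
    old = datetime(2023, 1, 10, 12, 0).timestamp()  # constructed install date
    new = datetime(2023, 3, 5, 12, 0).timestamp()   # constructed tampering date
    files = {
        "clean/plugin/main.php": (b"<?php // plugin code\n", old),
        "clean/plugin/style.css": (b"body { margin: 0; }\n", old),
        "installed/plugin/main.php": (b"<?php // plugin code\n// appended line\n", new),
        "installed/plugin/style.css": (b"body { margin: 0; }\n", old),
        "installed/plugin/css/cache.php": (b"<?php // file not in the download\n", new),
    }
    for name, (content, mtime) in files.items():
        target = base / name
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(content)
        os.utime(target, (mtime, mtime))
    return base / "installed", base / "clean"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        installed, clean = build_sample(tmp)
        for day, files in modification_timeline(installed).items():
            print(day, files)
        extra, changed = compare_with_clean_copy(installed, clean)
        print("only on server:", extra)
        print("differs from clean copy:", changed)
```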

Okay your website is now free of malware (we assume).

How do you prevent malware from entering your website?

Secure your website with a security plugin. It is not completely foolproof, but it does stop 90% of all automated malware.

Do you not know how to set up good security, or have you failed to get your website malware-free?

Please contact us, we do this work 7 days a week. We offer affordable solutions with warranty!

Click here for contact, then you are sure of convenience and a secure WordPress website without malware.

The experiment: downloading a nulled security plugin

If you’re new to Nulled plugins, they are “free” premium plugins that contain malware.
Nulled plugins are bought by criminals, loaded with malware and then offered for free.

The paradox

An antivirus plugin that should keep out hacks and hackers, but has itself been hacked?!

That’s like putting a security guard from Thief & Co in your store.

A security guard who arrives on time every morning with an empty backpack, likes to work overtime and goes home with a full backpack.

False security!

The special thing is that there are enough people who illegally download premium plugins without paying properly and thus fall into the trap of the hackers.
Many do not realize that from the moment the plugin becomes active, the website sends spam or redirects visitors in the first session to a website where you can gamble or buy other strange items.

This is detrimental to your position in Google and to your turnover, since your visitors will not see your website in this way.

The experiment

We regularly deal with WordPress sites that have been hacked because the programmer did not properly buy the plugins, but simply downloaded them illegally.
We thought it would be interesting to see what we get when we download a Nulled plugin for WordPress security.

Experience
We deal with hacked websites a lot and know exactly what we are doing. We do NOT recommend downloading illegal or Nulled plugins or other software.

Measures
Of course we don’t want viruses and we don’t want any problems with the server.
For that reason, we download the Nulled plugin on a virtual computer and put the plugin on a closed server.

Finding a Nulled plugin
There is nothing easier than googling and downloading a Nulled plugin. However crazy you can think of it, they offer it: the latest releases and the most expensive plugins.

But.. don’t be fooled, no matter how reliable and professional the website looks: the plugins contain hacks!

A hit on the very first download!

I scan the first Nulled plugin with VirusTotal. It hits immediately.

What you see on the screenshot below are the most rotten hacks: trojans & back doors.
Trojans work secretly in the background of your website without you realizing it.

The name is derived from the Trojan horse. (Those who don’t know that story, read the story here)

[Screenshot: scan result]

Trojans, backdoors, malware..

When you activate the plugin, you open access to your server and WordPress completely. The hackers or an automated script receive a signal telling them which website has now been hacked (and is available).
They can do absolutely anything they want:

  1. Modify payment details in WooCommerce to their own illegal bank account
  2. Store and forward usernames and passwords
  3. Show advertising
  4. Edit texts
  5. Forward visitors
  6. And much more..

But there’s server security, right?

You would say that the security of the server, of the web host, knows this!
But that’s not true. The server does scan files, but the trick is that the plugins fragment the code and execute it in certain orders. Only the plugin itself knows that order, so the server cannot or will not execute it to find out that it contains unwanted code.

In addition to the fragmentation, the code is also written in an unreadable language that can only be executed by the hack itself.
The result can also not be judged as being desirable or not, since PHP has many server rights.

Only the most obvious and common hacks are detected and flagged as “suspected”.

Hacks do have a habit of exploiting server power and running everything at full speed. When the hoster finds out, they will disable your hosting package until you solve the problem.

The hoster cannot be held responsible for hacks in your website. You rent the web space, and if you don’t manage it properly or get hacked for whatever reason, it’s up to you to fix it.

Since that is complicated, you may need help, or you can have your website repaired by professionals.

We dig deeper into the plugin

We have wandered off for a while, but we dig deeper into the plugin to see where those trojans and backdoors are.
Can we find them?

Looking for fragmented and encrypted code
Often server commands are encoded in Base64 and then executed with eval. That’s the first thing we look for.
We see some lines of code appear (Notepad++, Find in Files).
But those lines of code look innocent.

Notable files
One technique we use when recovering a hacked website is to simply look for files that stand out.
Strange file names or php files that don’t belong in certain folders (like the css folder) often betray the malware/hacks.

We exclude a folder with css, a folder with images and a folder with txts.
But not so fast, the images are sometimes made executable!! (We don’t see any php extensions in the images and so continue)

Exclude files
We have excluded several files, and decide to scan the remaining files again.

It is striking that 2 of the 12 antivirus services do not realize that it concerns the previously tested malware after changing the name.

In short, they determine that a plugin is fake and only remember the name, without scanning the content again.
That is also one of the reasons why hacks/viruses can go on for so long: when minor changes are made to the code or the order of execution, they become unrecognizable to various antivirus services.

A few folders deep
Many hacks are a few folders deep, so they are less likely to be found. Somewhere between the “images”, in “uploads/2015/etc” or “includes/colors/etc”.
Not in this case: the trojans were put directly in the “core” files of the security plugin.

Found!

In the end we found the hacks. The code was neatly written.
It has been well thought out, several alternative methods have been used to open your website to the rest of the world (and especially to the hackers themselves).

Of course we do not show the code.

Conclusion

Nulled plugins still contain trojans. In these types of hacks, the code is neatly concealed with formatting so that it is indistinguishable from the regular code.

We will be doing more tests soon, such as:

  1. Is the antivirus plugin aware that it itself contains a hack/virus?
  2. Can other antivirus plugins find the hack in this plugin?

Stay informed of the latest messages via LinkedIn, or via our news page!

Side note 1: hackers

And it should be clear that hackers and their criminal activities are not appreciated.
The romantic image of a hacker that you see in movies is not how it goes in reality.

A hacker is someone who harms others for their own profit.
It frustrates the website owners, it frustrates the web hosting, and ultimately it costs money and time.

Side note 2: Illegal downloads

Well, if you choose to download something illegally yourself… you are actually just like the hackers.
You’re trying to take advantage of a plugin or theme without giving its creator their hard earned money.
We’ve all downloaded something from the internet, right?

But at least now you know what NOT to download illegally from the Internet.

PS: we properly buy the software that we work with. Even if it’s just to avoid problems 😉
Safety above all!

Installing a wampserver (Windows)

A wamp server allows you to test web applications such as WordPress.
WordPress runs on PHP & MySql.

We take you through a few steps on how to set up an environment so that you can experiment with WordPress, or set up a website without having to do this on your hosting environment.

Some advantages of a WAMP environment:

  1. You don’t need any FTP software to put the files online
  2. It all works a lot faster
  3. A WAMP environment is complete with phpmyadmin

We set up the WAMP specifically to test security issues that we do not want to test on the server at the web host.
We also do this on a virtual machine, but that aside.

Download WAMP

We download the WAMP software at this website.
The installation is self-explanatory.

After installation you will still be able to choose which browser and text editor you prefer. We prefer to use Chrome and Notepad++

Using wamp

WampServer

Wamp opens after installation with a modest icon in the taskbar. Actually you don’t notice it and you’re waiting for a home screen 😉
With your left mouse button you click on the icon in your taskbar and then a menu appears that can give you a headache as a newcomer.

But don’t run away just yet! It’s simpler than it seems.

What you see

  1. Localhost
    This is the “web address” where your website can be found.
  2. Phpmyadmin
    This is a tool to manage your database.
  3. Adminer
    Also a database management tool.
    Sidenote: Some claim that Adminer is better than Phpmyadmin.
  4. Your virtual hosts
    That is if you have multiple “websites”. I never use either.
  5. WWW Directory
    The folder where you will place WordPress.
  6. Apache
    That’s what PHP runs on, don’t change anything.
  7. PHP
    You can change the version of php, think 5.6, or 7.
  8. MySql
    Do nothing about it.
  9. MariaDB
    Do nothing about it.

As you can see, anything is possible, but you only use (1) the web address, (2) PhpMyadmin & (5) the www directory.

It is important that all services are on.
My virtual machine was missing some Microsoft components, which caused Missing DLL errors. I Googled that, downloaded and installed the packages from Microsoft, and then I was able to turn on the Apache, MySql and Wamp services.

Install WordPress on WAMP

Download WordPress and put it in WAMP
You download WordPress which you place in the www directory as mentioned in step 5 (From “what you see”). (Unzipped of course, since it will be downloaded as a zip)

Start phpmyadmin
You start phpmyadmin (See step 2 of “what you see”)

Then you get a username and password in front of you that makes you think: what do I have to enter there again?!
The internet is full of that question and the answer is:
User: root
Pass: empty, just leave it blank.

Create a new database
After that, for convenience, you create a new database.

Link WordPress to the database
Now you are going to link WordPress to the database so that WordPress will store all the data somewhere there.
To do this, go to your web browser and enter localhost as the url. (Or click on the Wamp icon and then on (1) localhost)

Then you will see the screen below:

[Screenshot: database connection]

The data you enter
This is very different from online. Since this website is only visible on your computer, no passwords are required.
They set it up like this for convenience, you can’t lose the passwords that way and you don’t have to remember them all.

As you can see, the database name is the previously created name “test environment”. The username is “root” again.
Leave password field blank.
Leave hostname on localhost.
You can change the table prefix. This is wp_ by default, but I have the habit of changing it to my liking. It doesn’t matter what prefix you put there, as long as it is short.

You have your own test environment!

Now you have a test environment where you can test WordPress and plugins without slowing down the server. Without the need for FTP software!

Ps: If you go to localhost in your favorite browser, you will be the only one who can see the WordPress website.

Have fun 🙂

When do you have too many plugins?

To immediately piss off many website builders: 30+ plugins is too many.

Of course the customer has wishes,
The website must be a fast Ferrari with the loading space of a truck and the seating comfort of a train.

How many plugins is common?

10 to 20, maximum!
Rather 10 than 20.

Why limit the number of plugins?

Each plugin loads a piece of code, making the website a bit slower.
Then we are not even talking about plugins that are of lesser quality, which can slow down your website by seconds.

Gosh, what’s a second

If your website loads within 4-5 seconds, it’s no problem. But each plugin adds 0.1 to 0.3 seconds.
If you have 30 plugins on and your website takes 8-12 seconds to load, the visitors will drop out.
Google will also give your website a lower ranking.

How do I limit the number of plugins?

  1. Custom – don’t use a plugin for every function.
  2. Avoid duplicate plugins – Yoast SEO is good, your site will not be found better with 3 seo plugins.
  3. Think in advance what your website should be able to do – then the programmer can take that into account

Security

In addition to the speed of the website, security is also hard to find with 30+ plugins.
Why?

Plugins leak every week, and hackers find ways to take over your website or fill it with advertising.
Check out this website: https://wpvulndb.com/plugins

I want a fast website and a secure website – but also lots of features!

The speed of your website
Then take a good hosting package, such as a VPS (Virtual Private Server) or DDS (Dedicated) with SSD (Solid State Drive) and sufficient RAM. (Don’t forget the CPU, but with a DDS that is often fine.)
Technical story, just ask the web host.

The security of your website
Have your website secured and managed. We check whether the plugins are still safe, keep them up-to-date and keep an eye on your website, the blacklists, speed and more!

A good programmer
A good programmer knows what he is doing and how to keep your website fast. If you want an extensive website with many functions, a good programmer is indispensable!

This is how you install WordPress!

Installing WordPress has worked the same way for 10 years and is very simple. If you know how!
That’s why we offer these basic instructions for the absolute beginner.

  1. Download WordPress here for free
    You will now download a ZIP/RAR file. If you don’t yet have the option to extract the files, download Winzip or Winrar.
  2. You need a domain name and hosting to show your website on the internet.
  3. When you have hosting, you get Database and FTP data.
    With Filezilla and the FTP details you can put WordPress (from step 1) on the server.
  4. Once you have uploaded the files to the server (Step 3), you can start the installation.
    Go with the browser to the domain name you purchased where your website should be located, then this screen will appear automatically.
  5. On the installation screen, enter the Database details. (You got it from the web host, step 3)
    You will also be asked to come up with a username and password that will allow you to access the administration panel from now on.
    Click install, and you’re done!

Have fun with WordPress!

7 seconds in the life of a hack-bot

Computers are fast, aren’t they?
They perform millions of calculations within seconds.

We take a look at 7 seconds in the life of a hack bot to see why and how quickly your website can be infected with Malware.

0 to 0.70 Seconds: The time it takes to show 204,000,000 results in Google with search term webshops

0.70 to 4.5 seconds: The time it takes for a website to load

4.5 to 5.8 seconds: The time it takes to compare all source code of the website against databases of leaky plugins, WordPress releases, webshop leaks

5.8 to 6.3 seconds: The time it takes to make a targeted injection on the server/website through the leaks found (Advertisement, links, etc.)

6.3 to 6.6 seconds: The time it takes to put a “backdoor” and send a message to the hacker’s log

Hack successful – $time – $URL – $sales

This is 1 script, which mainly waits for the loading time of your website. Meanwhile, the hack bot is running 1000 more processes with the exact same trick on 1000 other websites.

When the script has successfully copied itself, we speak of a virus

Then the whole story starts all over again with the 7 seconds, only through multiple servers.
300,000 injections/hacks in 24 hours via 1 script is therefore not uncommon.

WordPress plugins that stop hacking bots

What a hack bot does in 7 seconds, an antivirus plugin can stop, roll back or prevent just as quickly.
So make sure that your website has good security immediately after launch. Haven’t you arranged that yet?
Then install a security plugin now!

You can read more about free and premium security plugins for WordPress here.

Improve your WooCommerce webshop with this checklist

The first impression

Just like in a physical store, your products should look attractive in the WooCommerce webshop:
According to statistics, customers decide in the first 5 seconds whether they want to continue their product selection.

  1. Do you have clear pictures
  2. A clear description of the product

The appearance of your webshop:
Although the visitor mainly looks at the products, the subconscious (the feeling) also determines a large part of the purchase.

  1. Is your WordPress webshop easy to use on mobile and tablet (40% of visitors use a mobile or tablet)
  2. Do you have a clear logo
  3. Is the text legible (not too small)
  4. Do the colors of your webshop match your products (Orange-yellow is nice for a travel website, but not for watches, for example)

User Ease

Can the visitor see with 1 mouse click:

  1. Who is responsible for the webshop (About us page)
  2. What is the return policy/warranty
  3. How others experience your services or products (references)
  4. Whether you have a quality mark

Speed

How fast does your WooCommerce webshop load:
The top 3 biggest reasons for clicking away from the webshop appear to be Pop-ups, misleading texts and a slow webshop.

  1. Do you know the loading time of your webshop (Should be a maximum of 7-10 seconds)
    Check the speed of your webshop now at gtmetrix.com
  2. Do you have 1 optimization plugin (Think Autoptimize, WP-Rocket)

Google

How is it doing in Google:
70% of visitors come from Google. The description they see with their search result partly determines whether they visit your webshop.

  1. Do you have an SEO plugin (Think Yoast Seo)
  2. Have the descriptions of products and pages been adjusted (by default it takes the first sentences of your webshop)
  3. Do you have a sitemap (Can also be arranged via Yoast, at advanced)
  4. How many pages are indexed, are all your products indexed

Security

Is your webshop safe for customers:
Customers fill in their payment details, sometimes personal details, home address and that must not fall into the hands of hackers

  1. Does your webshop have an https certificate (SSL)
  2. Is your WordPress admin secure (redirected, brute-force protected)
  3. Is your webshop up-to-date (plugins, WordPress core, the theme)
  4. Does your webshop or WordPress not contain any malware (Check it at rescan.pro)

Do you want to be sure that your WooCommerce webshop is safe? Let us secure your webshop.

All my WordPress websites have been hacked, now what?

What’s in this article

Plugins or themes regularly leak and malware ends up in multiple WordPress websites at the same time.
What should you do if you are responsible for 5 or 10 websites? Or when you manage 80 to 100?

Multiple websites hacked at the same time, how is that possible?

When 1 plugin is used on multiple websites or when 1 fixed theme is used, there is a greater chance that several websites will be infected at once.
Hackbots perform searches for certain plugins with a leak and use the leak to fill the website with advertising, spam, malware, backdoors and more trouble.

1 hack – 1 solution?

You would think that you can find the hack in the same files or folders on every website. Or in 1 fixed place in the database.
Unfortunately, hack scripts use the technique of dropping malware in random places.

Hack scripts place the hacks at random to prevent the server from intercepting them.

In short, you have to solve and remove 1 hack in different ways.

Help to find hacks in your websites

Malcare
Malcare is a service that allows you to check multiple websites for hacks.
You have to register them 1-by-1, but once registered, Malcare shows exactly which files contain the malware.
It is then up to you to determine whether you want to manually remove the hacks/malware, or whether the files need to be completely removed.

The sucuri malware scan
The malware scanner from Sucuri shows you what hacks you have. This will help you find and remove hacks.

Google webmaster tools
The security page of the Google webmaster tools tells you which pages contain malware, phishing or unwanted advertising.

Is there a One Click Fix to make all hacked websites hack-free in one go?

We all prefer to see a “one click fix”. Where the computer/software detects and removes or corrects the hacks.
Unfortunately, there is no one-click fix as the difference between a hacker’s code and desired code cannot be calculated by software.

The tools we described above make it a lot easier to find the hacks among the hundreds of files and the thousands of lines of code, but you will still have to remove or modify the hacks yourself.

How do you know your websites have been hacked?

If WordPress has been hacked you will not immediately see it; the hacks themselves are usually well hidden by a hacker and his script/virus.

Usually you can see the effect of the hack.

  1. Your website is being redirected to another website.
  2. Your website shows advertisements or links from another website in your website. (You can read why hackers do that here.)
  3. You can no longer access your administration panel.
  4. Your website has completely changed its style or even shows a page from the hacker.
  5. Your website is slow.
  6. The security of your computer reports Phishing, a Trojan or other attacks on the PC.

You can do a scan if you are not sure if your websites have been hacked:
Rescan.pro – Good at detecting malware, hacks.
Sucuri malware scanner – Shows you if the site contains malware and often shows what type of malware
IsItHacked – Sees iframes and other hacker tricks before previous scanners

Remove the hack, what are you looking for?

Hackers use various methods to hide malware from the server’s virus scanner and from you so you can’t get it out easily.
Think of it as a thief, who also prefers not to be seen and has various tricks and disguises for that.

Base64
This is code that is executed through specific requests on files. The virus scanner does not make those requests, so the code remains hidden.
Base64 is an ugly plain line of code, usually containing the base64 declaration and/or an eval.
Note that some plugins also use base64. With base64 you can convert entire images into code!

Neat code intertwined with current coding
In some situations, hackers write clean code with professional formatting so that you can hardly tell the difference between code that belongs in the website and that of the hacker.

JavaScript
These scripts load external files by means of one small piece of code. Those files contain all the hacks. Because the code is loaded externally, it cannot be found in your website. Fortunately, the aforementioned Sucuri and Rescan scanners do handle JavaScript.

Code in disguised files
Code in “images”. A png file is an image type that the server will not execute as code. But with proper encryption, hackers can open the png and run it as a script. The server, other antivirus programs and especially people overlook those “innocent” images in the uploads folders!
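A small triage scan for the hiding places listed above (eval/base64 lines, externally loaded scripts, code inside “images”), as an added example that is not part of the original article. The rules, the `scan_tree` and `demo` names and the sample files are constructed for illustration. Because legitimate plugins also use base64, every hit is a candidate for manual review, not proof of a hack.

```python
import re
import tempfile
from pathlib import Path

# Constructed heuristics for manual review; hits are leads, not verdicts.
EVAL_B64 = re.compile(rb"eval\s*\(.{0,80}base64_decode\s*\(", re.I | re.S)
LONG_B64 = re.compile(rb"[A-Za-z0-9+/=]{200,}")  # long encoded blob on one line
EXT_SCRIPT = re.compile(rb"<script[^>]+src=[\"'](?:https?:)?//([^/\"']+)", re.I)
PHP_TAG = re.compile(rb"<\?php", re.I)
IMAGE_EXT = {".png", ".jpg", ".jpeg", ".gif", ".ico"}
CODE_EXT = {".php", ".phtml", ".js", ".html"}

def scan_tree(root, own_hosts=()):
    """Return sorted (relative_path, reason) pairs for files a human should review."""
    findings = []
    for path in (p for p in Path(root).rglob("*") if p.is_file()):
        data = path.read_bytes()
        rel = path.relative_to(root).as_posix()
        ext = path.suffix.lower()
        if ext in IMAGE_EXT and PHP_TAG.search(data):
            findings.append((rel, "php-in-image"))       # code hidden in an "image"
        if ext in CODE_EXT:
            if EVAL_B64.search(data):
                findings.append((rel, "eval-base64"))    # decoded and executed at runtime
            elif LONG_B64.search(data):
                findings.append((rel, "long-base64-blob"))
            for raw in EXT_SCRIPT.findall(data):
                host = raw.decode(errors="replace").lower()
                if host not in own_hosts:                # script loaded from elsewhere
                    findings.append((rel, "external-script:" + host))
    return sorted(findings)

def demo():
    """Build a small constructed site tree in a temp folder and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-content/uploads").mkdir(parents=True)
        (root / "wp-content/themes").mkdir(parents=True)
        (root / "index.php").write_bytes(b"<?php require 'wp-blog-header.php';")
        (root / "wp-content/themes/footer.php").write_bytes(
            b"<?php eval(base64_decode('ZWNobyAxOw==')); ?>"
            b"<script src='//cdn.example.invalid/a.js'></script>")
        (root / "wp-content/uploads/logo.png").write_bytes(b"\x89PNG\r\n\x1a\n<?php echo 1; ?>")
        return scan_tree(root, own_hosts=("example.com",))

if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{reason:40} {rel}")
```

To check a real site, run `scan_tree` on a downloaded copy of it and pass your own domains as `own_hosts`.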

How to prevent all your WordPress sites from being hacked

  1. Install an antivirus plugin on every website
    Every website needs protection against automated hacks, viruses and/or malware.
  2. Make regular backups
    Preferably make daily backups, or at least one per week. Retain them for at least 4-8 weeks, as it sometimes takes about 3 weeks before you find out that malware has entered your website through a hack.
  3. Check the websites regularly
    Check the security plugin’s logs for suspicious file changes, login attempts, etc.
  4. Keep plugins and themes up to date
    The programmers of plugins regularly release updates that fix security vulnerabilities
  5. Do not use more than 8-15 plugins per website
    Every plugin is a security risk
  6. Keep premium plugins and themes up to date as well
    Make sure the licenses are valid. Premium plugins may be better maintained by the programmers, but they are also targeted by hackers.
    Hackers download nulled versions of the premium plugins and can test them for possible security risks for free.
  7. Put each website on a unique hosting package or user account
    We regularly see multiple websites in 1 hosting package. The risk of this is that all sites are hacked if the ftp/database data leaks.
    And what is most common is that the malware can be placed in all folders.
    Prevent this with separate hosting packages or users under a VPS. This way you limit the write permissions and sites cannot exchange malware with each other.

 

PHP update required, now what?

You are sitting behind the computer with a cup of coffee or tea, about to add a new piece of text to your website, and suddenly there is a message in your admin that you need to update PHP.

Even worse, you see a warning: WordPress has detected that your site is using an insecure version of PHP…

How do I update PHP then?
Which PHP version do I have now?
Can I ignore this message?

Read on and find out!

How should I update PHP then?

It is up to your web host to update PHP to a new version.
In short, send your hoster a message asking whether your website can be set to PHP 7+. (Note: the requirements will get higher in the future.)

Which PHP do I have now?

You can see the PHP version that is currently being used by installing the Display PHP Version plugin. This can easily be done via the plugin management of WordPress.
After installation and activation, a piece of text (see outlined image below) will appear in your dashboard with the PHP version.

Image: the PHP version

Is it possible to use a higher PHP version with my website?

It is important that your plugins, theme and WordPress are up to date. Then you have the greatest chance that your website is ready for it.
Therefore, make a backup of your website before you start updating if you haven’t done so in a while.

So PHP is arranged by my hoster. Is my hoster negligent?

No, it is not negligence if your hoster has not yet updated the PHP version. When adjusting to a new PHP, websites sometimes go wrong because they are not properly maintained by you or your web administrator.

I don’t have time for it, the update will come sometime

WordPress is getting stricter, to ensure that websites are safe for users and visitors.
Now they give a warning on the dashboard, but soon the minimum requirements for PHP will also be implemented in plugins.
This means that plugins or themes cannot even be installed if your website is still running on an old PHP.

Okay, first my website suddenly had to have HTTPS, now this again!

HTTPS, PHP, security... none of that was necessary before

The times when you made or had a website made that you didn’t have to look at for 5 years are over. (It was a great time 🙂)

The internet has gained so much power and influence, because everyone uses it daily, that times have changed.

We shop online these days, we learn online, we use the internet as a guide for many things in our lives.

Many devices can no longer even function without internet!

It is extremely important that hackers cannot interfere. That your smartphone, tablet or computer is not hijacked by a hacker or infected with a virus.

I don’t have the time or inclination to update and keep up with WordPress!

Leave it to us. We are active full-time in maintaining WordPress websites. We make sure that your website is up-to-date, that you have backups if something happens and that the hoster can upgrade to the latest PHP without any problems.

Click here to have your WordPress website secured and maintained by us.