{"id":21961,"date":"2024-01-19T10:00:59","date_gmt":"2024-01-19T08:00:59","guid":{"rendered":"https:\/\/wpbeveiligen.nl\/?p=21961"},"modified":"2023-07-27T10:02:11","modified_gmt":"2023-07-27T08:02:11","slug":"what-is-a-hack-bot-heres-how-to-protect-wordpress-from-hackbots","status":"publish","type":"post","link":"https:\/\/wpbeveiligen.nl\/en\/what-is-a-hack-bot-heres-how-to-protect-wordpress-from-hackbots\/","title":{"rendered":"What is a hack bot? Here’s how to protect WordPress from hackbots"},"content":{"rendered":"
What is a Bot?<\/strong> Bots are 1000x faster than humans.<\/p><\/blockquote>\n If we make a simple calculation, assuming that a human can manually attack one website per hour by conducting various security tests on WordPress, and then we see that a bot can attack a new website every 30 seconds with hundreds of requests, we can understand how quickly it can happen.<\/p>\n A computer can execute several million requests (tests) per minute.<\/p>\n What the bot does in slow motion:<\/strong> And so on… Millions of requests per minute!<\/p>\n And this database of requests is kept up-to-date via, yes… another Bot.<\/p>\n Once the Bot knows the WordPress version running on your server and the active plugins and theme, it compares this information with the database containing vulnerabilities for each plugin and theme.<\/p>\n This process takes people half an hour, but for the bot, it’s a matter of milliseconds. (Thank you, technology!)<\/p>\n When the Bot knows which plugins and themes are running on the WordPress version, it will use that information to exploit known vulnerabilities and inject code into the database and server.<\/p>\n Oh no! Code injections into the database and server? That sounds nasty!<\/p>\n Indeed, it is. The injections add data, including files that become active and send spam, or gather more information about users, or gain access to the server.<\/p>\n The bots know the standard plugins, the default WordPress version, and compare them. Combine this with the right measures against bots:<\/strong><\/p>\n Then you can stop the Bots. They are just scripts that follow protocols! Break the habit, and a Bot won’t know what to do.<\/p>\n
\nA Bot is simply the abbreviation of a “roBot.”<\/p>\nIn short, your website is hacked by a Bot?!<\/h2>\n
\ntranslated from computer language to human terms<\/em><\/p>\nRequests for the WordPress version<\/h2>\n
\n
Requests for active plugins<\/h2>\n
\n
What does the bot do after making the requests?<\/h2>\n
Knowledge is power<\/h2>\n
How do you protect against bots?<\/h2>\n
\nSo, if they no longer know which plugins you are using, which theme, and which WordPress version, the bots are left powerless!<\/p>\n\n