Protect Your WordPress

Since nowadays hacking issue is getting hotter, i will share to you a little bit of hacking technique which is common to use by the hacker in order to compromise your site (mostly WordPress based site) also the way to prevent the attack.

Hacking Technique

Nuke

Nuke attack basically is an attack based on command (using ping), sometimes hacker which is a newbie will use a tools to do it like WinNuke (a nuke tools for Windows). Nuke attack will do a tons of ping command in order to hang-up your server, in many cases if your server operating system is a Windows, this attack may caused your server to show a blue screen of death.

This is the tracert command using command prompt, the area which is marked red is the hosting provider security layers. IP address and site name is hidden on this picture

This is the tracert command using command prompt, the area which is marked red is the hosting provider security layers.
IP address and site name is hidden on this picture

This attack method cannot be classified as hacking activity since the hacker is not targeting your data (just for fun). This attack always targeting a private server.

The hacker usually check your site using a tools like command prompt with command tracert to check whether you use a hosting provider or not.

This is also the same as a tracert command, but this one is using a tools which will give you more specific details like where is the hosting, etc. At this picture the hosting is located at http://www.pasarhosting.com. IP address and site name is hidden on this picture

This is also the same as a tracert command, but this one is using a tools which will give you more specific details like where is the hosting, etc. At this picture the hosting is located at http://www.pasarhosting.com.
IP address and site name is hidden on this picture

Since this attack usually targeting a private server, then it is highly recommended to have a hosting provider to store your web files and data rather than use a private server. You can use a private server only if you have a medium knowledge about security.

DDOS Attack

DDOS attack basically is the same as Nuke, but the difference is when your server is going to hang-up, the hacker is implant some malware or a trojan into your site. This virus is used in order to take control of your site like updating a files, etc. The most common result of this type of attack is the hacker remove several required files like index.php or index.html

Untitled-11

This is the sample of a hacked site, on this site just index.php which is compromised

This type of hacking in several cases, the hacker just want to give you a message or just for fun (like the message on the image above, the hacker just want to test the security of your site). To test what files is being compromised, you can use this tools which is free to use.

Kaspersky Internet Security 2012

Example of Trojan injected site

Nowadays, DDOS attack already evolve to a more dangerous attack, this one is called by Permanent DDOS attack which targeting your hardware (Network Card or Router). This method target is to install a new firmware into your device then your device cannot be used for a while until you fix it (like flashing the device – your device may be death permanently)

To prevent this method, what you can do are:

  • Use a proper and well-known hosting provider (like GoDaddy, Blue Host, etc.)
  • Firewall, if you are using a private server, then your security must be the most important thing. Installing a firewall is the top issue
  • Router, if you are using a private server, make sure if your internet line is not directly linked into your server pc, the line must be connected into a router first. The router these day already has its own firewall and several security tools
  • Operating System, again, if you’re using a private server, then make sure if you are not using these operating system: Windows 2000 SP4, Windows NT 4.0 SP6a, and Windows XP SP2. Those operating system security is out of date and also not ready to prevent the DDOS attack

Brute Force

This technique which is the hottest issue right now, even Matt himself post about this issue on his own site. This technique is the only technique which is tools based hacking, also this technique is the second step if the hacking methods above are failed.

The hacker will create or use an algorithm tools in order to crack your site (the most common case, the hacker will use password crackers tools). This tools will try every possibility to find out the right combination of your site, also this tools will not stop until the hacker stop it.

In order to prevent this attack method, what you can do:

SQL Injection

This technique is requiring a set of hacking skills and many hacking experience, the hacker first will analyse your site, like what plugin you are using, where is your hosting located, how is the security, etc. The most common case is the hacker found a hole which is made by a plugin(s) you use (active plugins) and also the theme you use (active theme).

The only things you can do to prevent this attack:

  • Change the default permalinks. Hacker usually use a tools named havij, we already try this tools and the results is it cannot crack your site if the permalinks is set to be post name (the other option also works! But not the default one)
  • Use a common plugins, install a plugin carefully! Make sure if the plugins you use have a good response from the earlier user (at the WordPress.org plugin forum)

Ok, that’s it what you should know and aware about hacking techniques. Below, you will know more tips and trick to protect your WordPress.

Protect Your WordPress

In order to secure your WordPress based site, you can use many tools or technique. Here are some tips from me:

Using Plugin

As you know at WordPress market there are a tons of plugin you can download and use for free including a security plugin.

But, from a tons plugins there only a few of them which have a quality to really protect your site. For me, there are only two plugins which have an outstanding result:

  1. BulletProof Security
    For me, this plugin is complete. This plugin will protect your site from all hacking techniques i mention above. What this plugin do are: modify your .htaccess file, protect your wp-includes directory, protect your site from SQL Query Injection, and many more
  2. Limit Login Attempt
    With this plugin, the hacker who are using brute force attack may fail if they want to do it on your site. This plugin will limit only 5 mistakes in order to login into WordPress dashboard
  3. WordPress Firewall 2 
    If you going to the plugin download page, you will see a notification that mention if this plugin already expired. But don’t be worry for that. I already test this plugin at the latest version of WordPress (v3.6) and it is working fine.
    This plugin will send you an e-mail contain: when the hacker trying to compromise your site (date, hour, minutes, seconds. very detail), the IP address of the attacker and what technique did he/her use

Alert from WordPress Firewall

Only two plugins that fulfill my needs about security. If you a lawyer or someone that want to revenge the hacker, you can use this tool to check where is the location of the hacker.

Manual Security

  • Regularly update your WordPress password
  • NEVER share your CPanel account information to anyone
  • Before you using a plugin, check the review and comments first. In case that plugin have a backdoor such as easy comments upload plugin
  • Use a strong enough password (for example: wOrdp123sS)
  • Adding white list to your .htaccess file. The white list code:
    AuthType Basic
    order deny,allow
    deny from all
    
    whitelist HOME IP
    allow from xxx.xxx.xxx.xxx
    whitelist OFFICE IP
    allow from yy.yyy.yyy.yyy
    
  • Monthly/Weekly Backup. In case your site is hacked (like removing some files, etc.), you can restore your site backup files to make sure if your site is live immediately
  • Always update your files if available
  • Make sure if you are using paid hosting service

I think by this steps, your WordPress will be invulnerable to be attacked by a Hacker. Ok, that’s it and enjoy reading my blog!

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s