Post on 15-Apr-2017
Website hacking – what does it mean? & What WordPress security issues you should be aware of
In this section, it will be enough to list several major technical ways how website (or server-side infrastructure) can be hacked, so that someone could grasp the overall picture:(the ways how to protect from these and other hacks are given in one of the next sections below)
Web site hacking
MetaKave.com
Web Site Hacking
MetaKave.com
•Guessing admin name and password – hacking scripts just make tons of requests and finally guess login credentials
•Sending a malicious command to database
•Changing the code of website
Web Site Hacking
MetaKave.com
• Changing websites scripts to control users’ browser
Web Site Hacking
MetaKave.com
• Input forms to steal sensitive information like credit card credentials or admin user/password
• Stealing authentication and session information to be able to use login and password
Web Site Hacking
MetaKave.com
Stealing cookies, the hacks can be done on these levels:
• client level (operation system and browser)
• website level (software, e.g. WordPress, plugins)
• server level (e.g. hosting)
• network level (connection breaches, e.g. insecure wi-fi)
Web Site Hacking
MetaKave.com
• The most scary thing is that someone may even not notice that he or she have been hacked
• But a malicious code can be on website doing its harm for business and even for visitors silently
How Website Can Be Hacked
MetaKave.com
How Website Can Be Hacked
MetaKave.com
•Hacking is constantly evolving game
•New methods and vulnerabilities are discovered and used by hackers year by year
WordPress Security Issue should be aware of
MetaKave.com
Here are the general vulnerable spots directly connected with your WordPress website:• WordPress core
WordPress Security Issue should be aware of
MetaKave.com
Here are the general vulnerable spots directly connected with your WordPress website:
• Hosting vulnerabilities
• Insecurities in WordPress themes
• Plugins security breaches
• Insecure passwords
•Website file access insecure permissions
WordPress Security Issue should be aware of
MetaKave.com
• Hackers have a lot of potential because of people’s predictability, laziness or lack of awareness
WordPress Security Issue should be aware of
MetaKave.com
• For example, less than 17% of WP sites use the most recent WP version as of time of writing this
• It means that majority of WP sites can be hacked much easier
• So it’s people who are lazy to keep their WordPress version up to date
WordPress Security Issue should be aware of
MetaKave.com
• Although WordPress core is pretty secure WordPress add-ons such as themes and plugins are not reliable
•The speaker says WP plugins are generally not secure at all and it’s not exaggeration
WordPress Security Issue should be aware of
MetaKave.com
•All these weaknesses in plugins, themes etc take place for laziness of developers and lack of developer’s expertise in security
•Serious providers update products regularly fixing new security weaknesses
•If you need free consultation for SEO, feel free to contact us
•Our Email is: sadiq@metakave.com
•Get Free Consultation Today
•Visit us at http://metakave.com
Get Free Quote
MetaKave.com
CommunicationSadiq M. AlamFounder & Head of Ideas
Call: (+880) 017110 56474, (+880) 09611 699 014Email: sadiq@metakave.comSkype: sadiq.alam
MetaKave Dev HQApt 12B2, Al-Baraka Tower 252 Elephant Road, Dhaka-1205, Bangladesh