Hey Guyz Howz Y0uh All
well as you know today a lot of WordPress sites got hacked by hackers
so the question is how do they do it ?
how wordpress sites got hacked by hackers ?
there are few common attacks that 95% Hackers use to hack Wordpress Blog/web
1) Admin Login
25% wordpress websites are just vulnerable to password guess attack
there passwords are Admin | Admin look ? how dumb !
admin123 administrator123 123456 12345 imcool qwerty zxcvb zxcv123
always use Strong Passwords
2) WordPress Plugins
Yes, WordPress Plugins are vulnerable to SQL Injection , LFi ,RFI , RCE
Before Installing Any Plugins , Use Google and search for its exploits and Patch It!
3)Full Path Disclosure
WordPress Is Full of FPDs Attack
look at this => hacker comes and check source code of your Wordpress Website
and he got your template name than he do something like that
www.yourwordpressblog.com/wp-contents/themes/themename/functions.php
and vOila :v :v :v :v :v he G0t FPD
FPD also reveals your cPanel(Control Panel) Username :P
or =>
http://www.wi-tribe.pk/wp-includes/wp-db.php Look Live Example they are dumbs!
http://www.wi-tribe.pk/wp-includes/wp-db.php Look Live Example they are dumbs!
How To Prevent it ? Ans - Change File And Directory Permissions From cPanel
4) Symlink
The easiest Way To Hack Wordpress Websites/Blog
hacker hacks another website hosted on the same server where your website is hosted
than he make symlinks and he get in to your Database easily
Change Your Database Config(wp-config.php) file permission :)
5) Login Forms
Use Captcha to Protect Your Login Forms From BruteForce Attack
6) Hosting
Never Use Free Hosting always Choose Good And Paid Hosting , some good hosting are
HostGator , LiteSpeed , Cloudflare.......
Now You Know how to be secure in this Cyber World :)
Comment For Any Help
0 comments:
Post a Comment