Baseline Checkup for Integrity of your WordPress Site

It’s 11:45 AM. Do you know how many administrators are on your WordPress site?

Unfortunately, WordPress, at its base, is a piece of software, and any piece of software has the potential for exploits. With WordPress exploits, nefarious people could be using your site to inflict evil on other people. A major case in point happened recently: the largest piece of malware ever to affect the Mac appeared in the last few months, and it spread through WordPress sites that had been exploited.

If you ask me, exploits, and keeping your site minimally exposed to hackers, are the number one reason to keep WordPress, plugins, and themes updated. Often these updates fix exploits, and each fixed exploit lowers the chance of a WordPress site getting hacked.

WordPress exploits are well known. Have any doubts? Check out this list. By not running the most up-to-date version of WordPress, a site is open to every exploit on this list that targets its version.

One of the most valuable hacks, at least as far as the bad guys are concerned, is an exploit that allows them to add an administrative user. This exploit allows hackers to do just that. Notice that the version of WordPress affected by this exploit is 3.3.1, the second most recent version. Anyone not updated to the most recent version, 3.3.2, is potentially vulnerable to this exploit.

Step back and think about it for a second. What would be the problem if someone unknown could suddenly administer another WordPress site, potentially yours? As an administrator, they could make whatever changes they wanted to the exploited site. They could add code, users, posts, and comments at will. If they so desired, they could even delete the exploited site! That wouldn’t buy them much, but it is a possibility. They would much rather have the site up and infected, so they can continue to use it for whatever purpose they want.

Beyond the direct effect on the exploited site, there is an even larger potential problem: the site’s SEO. One thing web search engines do while crawling sites is look out for malware. I have, and maybe you have too, clicked on a link in Google only to be warned that the site I was going to may be infected with malware. That alone would be scary enough for potential customers.

Google’s search engine will also keep a watch on an infected site. The longer the infection lingers, the lower the rank the infected site will receive. Any ranking the infected site had built up with Google could soon be lost without a timely fix.

So, what can be done to protect a WordPress site? One of the easiest things is to keep a watch on the number of administrators on your site. If there are more administrators than you expect, you could have been hit by an exploit. Thankfully, when logged on as an administrator, the Users panel shows the number of administrators. The panel below shows three administrators; the expected number, by the way.

[Image: the WordPress Users panel, showing the administrator count]

If the administrator count is larger than expected, click on the Administrator link to show who the administrators are for the site. If the number of administrators listed is less than the count, that is also a problem. There are obscure problems that can cause the count of administrators not to be reflected in the list, but more likely than not, the rogue administrator has been hidden, a very easy thing to do. If you find yourself in this predicament, you will either (1) have to get your hands dirty with SQL or (2) find someone who will.
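The SQL in question, as an added example that is not part of the original post: a hidden administrator is usually hidden by code that filters what the Users panel displays, so reading the role assignments straight from the database bypasses that filtering. WordPress stores a user's roles in the `wp_usermeta` table as a serialized PHP array under the meta key `wp_capabilities` (the key is prefixed with the table prefix; the example assumes the default `wp_` prefix and should be adjusted if `wp-config.php` sets another).

```sql
-- Added example (not the post author's code). Assumes the default "wp_" table
-- prefix; with another prefix, rename the tables and the meta_key accordingly.

-- Every account that holds the administrator role, with enough detail to compare
-- against the list of people you actually expect to administer the site.
-- The serialized role array looks like: a:1:{s:13:"administrator";b:1;}
SELECT u.ID, u.user_login, u.user_email, u.user_registered
FROM wp_users AS u
JOIN wp_usermeta AS m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%"administrator"%'
ORDER BY u.user_registered;

-- The bare count, to compare with the figure the Users panel shows.
SELECT COUNT(*) AS administrators
FROM wp_usermeta
WHERE meta_key = 'wp_capabilities'
  AND meta_value LIKE '%"administrator"%';
```

If the first query returns a login you do not recognise, or the count here disagrees with the panel, treat the site as compromised rather than simply deleting the row: the account is evidence of how the site was entered, and the code that hid it is still in place.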

Unfortunately, WordPress sites are vulnerable to exploits. These exploits can be used to harm people who unknowingly visit the exploited site and also to damage the site’s reputation. One basic way WordPress site owners can keep an eye on the integrity of their site is to make sure there is no sudden increase in the number of administrators. Such an increase is an obvious sign that a site has been hacked.

In closing,

It’s 1:45 PM. Do you know how many administrators are on your WordPress site?

4 thoughts on “Baseline Checkup for Integrity of your WordPress Site”

  1. Thanks for the cautionary article, but was the intent to be fearful or how to protect oneself with the new WordPress technology? It would have been nice to hear a story around someone you know that this happened to, what they did to resolve the problem and how we can all protect ourselves if we have a WordPress site or blog. I will resource this information further. Thanks for making us aware.

  2. Darylene,

    This post, I view as an awareness post. I believe most people using WordPress have little awareness that their WordPress site can be hacked. This post speaks to one hack and a quick way to determine if a site is affected by this kind of hack.

    It is the first in a series where I hope to highlight some plugins that can be used to harden a WordPress site from hacks. In looking at many of the plug-ins, they require the most recent version of WordPress. So, if you are not taking step one to harden your site, the plug-ins I will write about will not be of assistance to a WordPress site.

    Sorry, I do not have a specific case where this happened. I did give a general case, though, without reference. This is an article showing how malware on the Mac which has infected over 600,000 machines has been traced back to hacked WordPress sites: http://www.gmanetwork.com/news/story/256242/scitech/technology/mac-malware-attacks-traced-to-hacked-wordpress-blogs.

  3. I perceive a “to do list” percolating. Thanks for your guidance. There are so many things we “could” pay attention to. I appreciate that you let us know where it is worthwhile to spend some time.
