While hacks into the websites of Sony, LinkedIn and Microsoft make the news, people are often surprised when I say that even the littlest site can be a target for hackers. “Why would anyone want to hack me? My site only has a few pages about my plumbing business, no use to a hacker…” etc.
While it’s true the pickings may not be as rich, any site is of interest to a hacker. In fact the hacker may not even know anything about the site they are trying to break into. It’s all automated. They are just searching the Internet looking for a site with a known vulnerability. It can then be used for a number of purposes such as promoting illegal products, generating spam emails, linking to dubious websites, or collecting personal data from your visitors.
If you follow this link you can read about a security loophole that affects various WordPress themes that contain a file called dl-skin.php. This file gives the hacker the ability to download or delete arbitrary files on the system. That can play havoc with your site. And the theme containing the file doesn’t even have to be active. It just needs to be on your server.
Looking at the security log file of this very website, I can see several recent attempts to hack the site using this vulnerability. Here’s one.
In this instance the IP address, 18.104.22.168 relates to a hacker in Latvia, according to this report on the website www.abuseipdb.com. Because I don’t have that file on my system, a 404 error was logged.
To guard against this, make sure your site has the latest versions of the theme, plug-ins and WordPress itself, because when these vulnerabilities are discovered, it usually doesn’t take long for a fix to be released. So when you update the site, the fix (if one exists) is installed.
If you’d like any help or advice on this subject, just drop me a line.