\nEach\nof these most popular attack effects is very unfavorable and you\nshould do everything to ensure that this pasted code does not appear\non our website.<\/p>\n\n\n\n
Each of these most popular attack effects is very unfavorable and you should do everything to ensure that this pasted code does not appear on our website.<\/p>\n\n\n\n
What does the WordPress hacking look like? <\/h3>\n\n\n\n
Below is an example of a file that has been infected by sticking an encrypted piece of code into it. This is a file from the popular (over 300,000 installations) WordPress plugin called: MailPoet Newsletters.<\/p>\n\n\n\n
The file is located in the directory: \/wp-content\/plugins\/wysija-newsletters\/core\/autoloader.php
<\/p>\n\n\n\n
![\"\"](\"https:\/\/beta.smarthost.eu\/blog\/wp-content\/uploads\/2019\/03\/wordpress_1-1024x630.jpg\")
<\/figure><\/div>\n\n\n\nSee the code attached? And you should already notice that \ud83d\ude09 Although at first glance, the file looks quite ordinary. However, pay attention to the horizontal scroll bar…<\/p>\n\n\n\n
![\"\"](\"https:\/\/beta.smarthost.eu\/blog\/wp-content\/uploads\/2019\/03\/wordpress_2-1024x630.jpg\")
<\/figure><\/div>\n\n\n\nJust move this bar slightly to the right and you can see immediately that in the first line after a few hundred spaces there is a fragment that should not be there!<\/p>\n\n\n\n
Another option is to switch the view to “wrapping lines” – you can also see the beautifully attached code right away…<\/p>\n\n\n\n
![\"\"](\"https:\/\/beta.smarthost.eu\/blog\/wp-content\/uploads\/2019\/03\/wordpress_3-1024x630.jpg\")
<\/figure><\/div>\n\n\n\nThis particular infection is the result of a breach in the GDPR Compliance plugin. Interestingly, the code was detected while moving the page to our server from one of the hosting companies specializing in the so-called hosting for WordPress. The customer told us that the break-in was diagnosed and specialists removed its effects. As it turned out, the removal of the effects was not complete.<\/p>\n\n\n\n
And how should we know that the files are infected? Because we have a special system that detects and protects against intrusions…<\/p>\n\n\n\n
Anti-exploit system – effective anti-intrusion protection system for WordPress<\/h3>\n\n\n\n
We have a special protection system installed on all Smarthost.pl hosting accounts – a system that checks every file at the time of its modification. It is not important whether the modification is done by uploading the file via ftp, sftp, or uploaded the file in front of the form on the page, or … uploaded using the gap in the certain theme or plugin.
From the point of view of the anti-eploit system, it is important that the file is modified on the disk. In this case, the system checks if the file contains malicious code. The anti-exploit system contains a database of several thousand known malicious scripts. The malicious scripts are fortunately relatively easily to recognize (as it can be noticed in the examples above) – in a simple and effective way, it is possible to detect and block a file containing such malicious code on the server.
The anti-exploit scanner also checks files for viruses based on a database of known viruses, which in combination with the exploit signatures creates a very effective barrier against attacks.<\/p>\n\n\n\n
![\"\"](\"https:\/\/beta.smarthost.eu\/blog\/wp-content\/uploads\/2019\/03\/hosting.jpg\")
<\/figure><\/div>\n\n\n\nIn addition to blocking malicious scripts, the anti-exploit system also sends the information to the website-owner that certain attempts have been performed in order to save a file containing malware. It gives a convenient tool for taking care of your own website.
Does the anti-exploit system detect all intrusion attempts? Probably not … but the ones that it detects is the sufficient reason, that since two years of its use we did not have a single request coming from our customers to recreate the page from the backup “because it was hacked”. This indicates clearly its effectiveness. We publish a server file scan report for 2016 online here:<\/p>\n\n\n\n
If you need a security system against uploading a malware software to your website
just move to our hosting site that cares about the security of clients’ files<\/h4>\n\n\n\n
\nMigration\nto our hosting site is free, we do it efficiently and quickly,\nwithout a significant interruption in the operation of the website\n(you can find more information on the migration to our hosting site\non this following webpage)<\/p>\n\n\n\n
\nThe\nanti-explite system (read more about it) works on each of our hosting\naccounts:<\/p>\n\n\n\n
\nIn\nthe background. Unnoticeable. Efficiently.<\/strong><\/p>\n\n\n\n Check out our hosting packages<\/h3>\n","protected":false},"excerpt":{"rendered":"