A hackers-guide: How to hack WordPress

Tijl
maandag, 26 november 2018 / Published in Guide

Right now 32% of the internet runs on WordPress. I don't have to tell you that launching a WordPress website is done with the click of a button. But with great power comes great responsibility, so you also have to guard yourself against the thousands of hackers who want to access your data or try to execute a man-in-the-middle attack to get your precious revenue.

Hence this Hackers-Guide. In this blog post I will show you which attacks are most common against WordPress and how to defend yourself against these daily online threats.

Why do hackers want to hack your WordPress website?

The motive changes with every website, but the most common reason is that they want to access your database and get the credentials of your users. Although you might think the information about your users isn't that interesting, it can be sold on (online) black markets.

How it works in action

To exploit this vulnerability, the attacker works in two phases:

First phase: The attacker uses a flaw in the system. For example, when you try to log in to a website with incorrect credentials, the system might give you the error message 'invalid username'. The attacker then keeps trying usernames until the response becomes 'invalid password'. At that point the conclusion is that the username is valid and only the password is missing.

In many WordPress installations, it is possible to reach the usernames through the author archives. To access them, we just need to add ‘author=n’ as a parameter to the WordPress home page. Let’s see some examples:

www.example.com/?author=1
www.example.com/?author=2
www.example.com/?author=3
www.example.com/?author=4
After this process comes the second phase of the attack:

Second phase: Once the attacker has collected as many login names as possible, only one step remains: breaking into these accounts with a brute-force attack. This is the critical point, especially when an account has a weak password that can be guessed easily.

Vulnerable surfaces

An attacker can take advantage of this form of attack on several interfaces. Naturally, the most common one is the login form, which can be attacked in the way described above.

The second major interface is the 'forgotten password' page. Here the attacker watches for the system response 'username does not exist' and tries again and again until the response changes to something like 'An email has been sent to the address on record.' That response means the username does exist, and the account can be attacked with a brute-force attack.

The third interface is the registration page. Here the attacker looks for the response 'the username is already in use'. This means the username is registered and, as mentioned before, it 'only' needs a brute-force attack.

There is a more advanced variant in which the attacker measures the server's response time. In some cases the server responds within seconds when the username is valid, but on average it takes longer to respond when the request involves a non-existent username. This timing difference can also be valuable to an attacker.

How does Servermeister protect your server against this vulnerability?

Servermeister can defend your Apache web servers, and the domains hosted on them, against WordPress user enumeration attacks. Of its nine modules, the SenseLog module is responsible for this, through its ApacheWpEnumeration rule. The module analyzes the web server logs and, when it finds the request pattern specific to this attack, it alerts our system about the activity and moves the offending IP address to the greylist.
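As an added illustration (not Servermeister's or BitNinja's code, and not how the SenseLog rule itself is implemented), the Python below applies the same idea to a few constructed Apache access-log lines: it counts how many distinct ?author=N IDs each client requested and reports the IPs that swept several of them, which are the candidates for the greylist. The log lines, the regular expressions and the threshold of three IDs are assumptions.

```python
import re
from collections import defaultdict

# Apache "combined" log format; only the fields the rule needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# The enumeration request described in the article: the home page with ?author=<number>.
AUTHOR_RE = re.compile(r'^/\?author=(\d+)$')

# Constructed sample log lines (documentation IP ranges, not real traffic).
# 203.0.113.7 sweeps author IDs 1..4; 198.51.100.4 touches author=1 once, then browses.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Nov/2018:10:00:01 +0100] "GET /?author=1 HTTP/1.1" 301 -
203.0.113.7 - - [26/Nov/2018:10:00:02 +0100] "GET /?author=2 HTTP/1.1" 301 -
203.0.113.7 - - [26/Nov/2018:10:00:02 +0100] "GET /?author=3 HTTP/1.1" 404 -
203.0.113.7 - - [26/Nov/2018:10:00:03 +0100] "GET /?author=4 HTTP/1.1" 404 -
198.51.100.4 - - [26/Nov/2018:10:00:05 +0100] "GET /?author=1 HTTP/1.1" 301 -
198.51.100.4 - - [26/Nov/2018:10:00:09 +0100] "GET /about/ HTTP/1.1" 200 -
"""


def author_probes(log_text):
    """Map each client IP to the set of distinct author IDs it requested."""
    probes = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        a = AUTHOR_RE.match(m.group('path'))
        if a:
            probes[m.group('ip')].add(int(a.group(1)))
    return probes


def enumerating_ips(log_text, threshold=3):
    """Return the IPs that probed at least `threshold` distinct author IDs.

    A single ?author=1 hit can be ordinary navigation; the sweep over several
    IDs from one client is the signal worth greylisting.
    """
    return sorted(ip for ip, ids in author_probes(log_text).items()
                  if len(ids) >= threshold)


if __name__ == "__main__":
    print("greylist candidates:", enumerating_ips(SAMPLE_LOG))
```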

I hope you found this article useful and interesting. Leave a comment below and share your thoughts about this topic, or if you have any questions, send us a message at [email protected]

This article was first published by BitNinja. Servermeister is a premium Bitninja Partner and active Hosting Security Company based in the EU.
