Support » Everything else WordPress » Constant probing attacks

  • Hello fellow WordPress users!

    I barely setup a couple of WordPress forums, and I’m already being inundated with different types of probing attacks from all over! Database, code, bruteforce, you name it!!

    The reason I happen to know this, is because I just installed Wordfence…thank God for Wordfence!!

    I would like to understand the nature of these probes; what vulnerabilities they are trying to uncover and how to protect myself by understanding their purpose.

    My questions is, please:

    Is there a forum(s) specifically for WordPress admins, where security and vulnerabilities and other WordPress everyday administration topics are discussed?

    Thank you so much in advance!!

    • This topic was modified 1 year, 6 months ago by Yui. Reason: moved to everything else WordPress
Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Yui

    (@fierevere)

    ゆい

    All those “probes” are usually based on known vectors.

    A. Database of known vulnerabilities.
    Old and abandoned plugins, themes, their components (frameworks), sometimes even WordPress core.
    They check if your site has that plugin or theme and try to exploit.
    If not successfull – they try another probe from their list,
    when they tried their set of probes, they go to another site and do the same.

    Once they exploited some site. They install PHP shell or set of scripts,
    they use your site as doorway, steal your traffic, send spam, scan and hack other sites using same methods. Most such attempts are automatic, human hackers behind the scene are not directly involved into process, they only get the summary.

    B. Hosting

    Some probes are done on hosting too as it can use vulnerable software.

    C. Phishing and malware
    They can involve you and your computer into process, steal data from your device.

    D. Brute force attacks

    If you have bad and unsecure password, it can be guessed.

    You can continue reading this article –

    FAQ My site was hacked

    Thread Starter JLee

    (@karado58)

    Yui,
    Thank you so much!!!
    You have helped me tremendously with the resources and information supplied!!
    Thank you very much, Yui!
    Happy New Year!!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Constant probing attacks’ is closed to new replies.