Why and How My Website Got Hacked?

Have you thought, why anybody will hack your business website? It looks very exciting in movies, but in actual practice its all about envision human interests, taking an opportunity, and veritable perseverance.

Learn how hackers think, and how you can protect your business website.

WordPress is the Market Leader

Certainly, WordPress is the most popular content management system (CMS) for designing websites. It covers an impressive 59% of the CMS market share. This popularity also leads to a prime targeted platform for Hackers and other malicious users. Commonality, we think that why anyone will hack my website? I have nothing valuable for anyone on my website. It is the wrong perception to approach the web with.

A wretched statistic shows that there are roughly 25% users globally who are well informed and able to handle medium-to-high difficulty tasks. In this article, we go through some of the common practices in which a website can be compromised, some reasons why websites get hacked and what users can do to protect themselves.

How Are Websites Hacked?

When we hear the word “hacker”, the most common image that comes in our mind is
a black hooded man sitting in front of dark screen running lines of code. In fact, the most common hacks are quite simple in nature. Not all types of hacking stem from code either. Social hacking – attacks are still some of the most threatening ones.

According to Wordfence (WP security plugin) monthly security reports, the majority (91%) of attacks are actually brute force attacks.

A brute force attack is a very simple concept. Just try to login someone’s website by putting /wp-admin at the end of the url, try to login with different combinations of usernames and passwords. In this way you are essentially commencing a brute force attack. Now imagine if you had access and a script that automatically tries to log in using different combinations of usernames and passwords. There is a high chance for insecure accounts to be cracked this way.


There are other ways also that Hackers use for their malware injections. As we know WordPress themes use a number of plugins to function properly. Sometimes because of poor code quality and innovations in the field of hacking – exploits can be found by the hackers. Hopefully, a white hat hacker, was the one who found the exploit in the theme plugin files. In any case, after exploits are known, they are added to vulnerability lists which are easily accessible over the internet on the websites. There are also malware attacks that are aimed directly on the server. It is a very complicated and broad term of hacking.

[su_spacer size=”30″]

Why Are Websites Hacked?

Now We come to know that how websites can be hacked, but the question is why it was hacked? And it still remains unanswered. There are so many reasons that that why hackers target your website with malware injections and viruses. The most complicated form is Advertising: there are many ways to ad injection attacks, as they are known.

Another common source of hacking one’s business website can be to simply deface it as a part of hacktivism. These causes vary as per the groups who are carrying these websites. Unfortunately, all hacks are not visible and some of them can be quite difficult to track. If you are using wordpress as shopping portal then you might save your client’s details like credit card details or any personal information. This information is quite valuable for hackers and they will not make their presence known so that they can keep exploiting this information from the website.

How Can I Protect My Site?

There are few basic steps that you can take as a protective user to protect your business website. Here is a simple security checklist you can use:

    • Keep your passwords secure: always use a strong password as for admin levels and force user as well for strong passwords. For this you can use iThemes security plugin. Do not repeat your password on multiple sites. Update your website passwords every two months.

    • Never use admin or publicly available emails for your admin account: always use a different username for your website. Never use ‘admin’ as your username.

    • Update your website time to time: As we know, that recognised exploits are made public. If you are using outdated versions of plugins or themes then you are might be at risk.

    • [su_quote cite=”GET UPDATE” url=”https://www.riacube.us/wordpress-update/”]We highly recommend you to Update your WordPress Version![/su_quote]

      Need Help? Call Us: +91-(980) 3069 555, +91-(931) 7729 555

    • Use a reputed web hosting company: hosting services provided by an non reputed company may lead your website being hacked again and again because another website on the same server was compromised.

    • Only grant access to users you can trust: don’t give access of your website to everyone or who you don’t fully trust. Not everyone needs to be an admin.

    • Use a security plugin: similar to antivirus programs, there are security plugins for WordPress websites. iThemes security and Wordfence are popular security plugins for wordPress.

    Stay safe, stay informed!

IMP: WordPress Brute-Force login attack proactive mitigation.

sql-injection-wordpressIn an ongoing effort to make you aware of security and performance concerns, we wanted to inform you of an ongoing event.

There is a brute-force login attack targeted at websites with WordPress. Due to the nature of the attack, memory consumption on targeted servers has increased. In some cases this has resulted in degradation of performance, and unresponsive servers. This is due to a high volume of http requests which can cause some servers to start swapping memory to disk, and possibly run out of memory. The most impacted servers tend to be those with limited memory resources, especially those with 1GB of RAM or less.

Our monitoring team has been proactively restoring service to managed servers which have been affected. We have taken proactive steps to reduce the impact of this event. We have tested a new ModSecurity rule, and deployed it via our ServerSecure service to customer servers. This new rule will block http requests to the WordPress login page after 10 failed login attempts. The attacking IP address will then be blocked for 5 minutes.

WordPress DDOS Attack & How to Login on WordPress Site

ddos-attackThis information concerns you if your have bought Linux Hosting from us and especially if you are a WordPress developer or administrator of its installation.

Since last week there has been a Distributed Denial of Service (DDOS) Attack on WordPress Installations throughout the Internet.

Since yesterday this attack has increased in its severity leading to service disruptions of many hosting providers including ours. This DDOS involves 90000+ IP’s and has impacted even major web hosting companies.

More details of this DDOS attack are mentioned at :

http://arstechnica.com/security/2013/04/huge-attack-on-wordpress-sites-could-spawn-never-before-seen-super-botnet/

http://thenextweb.com/insider/2013/04/13/brute-force-attacks-on-wordpress-continue-as-cloudflare-fends-off-60m-requests-in-1-hour/

http://krebsonsecurity.com/2013/04/brute-force-attacks-build-wordpress-botnet/

You can learn more about DDOS at http://en.wikipedia.org/wiki/Denial-of-service_attack

At RiAcube we have taken several steps to mitigate these attacks. One of the step is that we have dis-allowed direct access to wp-login.php. Instead please point the browser to wp-login-rn.php . Directly accessing wp-login.php may lead to blockage of your IP in certain scenarios.

Also please refer to https://wordpress.org/extend/plugins/better-wp-security/ to learn about how to ensure better security for your WordPress setup

For further details/clarification, please call us at (+91) 980 306 9555, (+1) 571 229 5559 or email us at admin@riacube.us . In-case your IP has been blocked, please visit http://whatismyip.com and email us your IP so that we can un-block it.

WordPress DDOS Attack – How to Logout

This information is in continuation of our previous post ‘WordPress DDOS Attack and How to Login‘. This concerns you only if your have bought Linux Hosting from us and you are a WordPress developer or administrator of its installation.

To properly Logout after you have logged in via wp-login-rn.php, you have to put wp-login-rn.php instead of wp-login.php in the browser’s address bar when Log out is clicked. Please press the enter key after making change in the address bar.

Protect your WordPress website from Malware and Viruses

WordPress is a most popular Content Management System (CMS) platform for single blogs to large business portals. Today, WordPress is powering over 75 million websites. However, with growing popularity comes with growing dejection. Web-based malware attacks have gone up by 85% in 2016-2017 and since WordPress is a most popular platform it gets more suspicious attacks.

We have faced many instances where our client’s websites have faced vulnerabilities such as SQL injections, PHP code injections & Javascript Malware injections. As a WordPress user how can you protect your website from these injections?

Here are few steps to get started…

1. WordPress Update

Most common attacks/injections happen because of outdated WordPress files or plugins. WordPress has a very great and strong community; as-soon-as, malware is detected, it gets plugged. So it is first basic step to stay updated.

Important Note: Before you update your WordPress version, do take a backup of your website files and database separately. For more information, feel free to contact sharat ’@’ riacube.us

2. File and Folder permissions

Go to your cPanel and set the File permissions to 644 and folder permissions to 755. Files with 777 permissions are ready to welcome hackers to set-up malware base on your website.

3. Make ‘USERNAME’ harder for the hackers!

WordPress lets you give admin access to other user accounts. So, use a unique username instead of ‘admin’ as username for login.

4. Change wp-config.php file location

This is another file which is mostly affected by attackers and by default it is located at your_host/wordpress/wp-config.php. You can move it to the root directory i.e your_host/wp-config.php. This way, you actually befool hackers, b’cos they can’t search your file location, un-till they are in-side your system.

5. Themes and Plugins

Be aware of pirated themes and plugins. Always use themes from trusted sources. These pirated themes and plugins usually contain spam bots which can harm your website. Also, in worst case – they can steal your critical information.

6. Secure Server Connections

HTTPS is most secure way of transacting online. Use sFTP or SSH instead of FTP. Keep your website secure with SSL certificate, it’s not that expensive with us. Check our SSL Certificate page for more information.

7. Regular Backups

As the old precept goes, prevention is better than cure. We surely suggest premium backup solution which can take full & secure backups of your site regularly after a given interval of time.

So, Secure your website and protect yourself from these malware attacks.