2021-02-09 00:00:00

Securitybreak in|directory|hacking|login|plugin|protection|Wordpress

These Wordpress hacking attempts were the most common in 2020

Wordpress is the world's favorite software for publishing and e-commerce on the internet. This makes it a lucrative target for hackers and criminals. A range of software tools and services is available for securing Wordpress sites, but not all sites are protected and sometimes hackers are simply one step ahead. Here are the most common ways Wordpress servers are attacked.

Wordfence, a security product for Wordpress developed by Defiant Inc., has collected a massive amount of statistics about the ways people are trying to break in to Wordpress servers. The 2020 statistics show how busy the internet is with relaying hacking attempts against Wordpress servers. Wordfence says:

Over the course of 2020, Wordfence blocked more than 90 billion malicious login attempts from over 57 million unique IP addresses, at a rate of 2,800 attacks per second targeting WordPress.

Top 5 most common Wordpress attack methods in 2020

According to Wordfence statistics:

  1. Attempts to access Wordpress program or configuration files was the number one method at 43% share of all attacks.
  2. SQL Injection was the second most common type of attack at 21% of all attempts.
  3. Malicious file uploads at 11% share. They are usually intended to achieve Remote Code Execution(RCE) capability.
  4. Cross-Site Scripting(XSS) at 8% share was the fourth most common category.
  5. Authentication bypass at 3% share was the fifth.

2020 statistics from the security program that protects our Wordpress servers reflect the trends Wordfence has detected. Attempts to access Wordpress core software directories was the most frequent malicious activity. Attempts to login was number two.

Since plugins are a common way to break in to Wordpress servers, we have chosen to minimize the number of plugins on our sites. Instead, we run, among others, Wordpress security and statistics programs directly on the operating system. Wordpress doesn't have any connection to these pieces of software, so they can't be used to access Wordpress.

For Wordpress statistics, Awstats software works well. Awstats is a generic statistics program that collects data from web server log files. Installing and configuring Awstats software requires an effort, but it works like a clockwork after that. Wordpress setup doesn't have to be changed at all.

For Wordpress security, we use a program that runs on Linux operating system, scanning for suspicious activity directed towards Wordpress installations running on the server. Since the program runs outside Wordpress, it can stop attacks before they enter the publishing system. Security plugins installed for Wordpress run inside the publishing system.

Basic security settings for Wordpress are explained in this article and video talk. Wordfence is producing a podcast series that talks about security, including tips for Wordpress users.

News

2025-01-15 08:59:00

Not to mention travel – when real life experiences in a destination don’t match the expectations and everything that can go wrong, goes wrong. Well, that’s the beauty of #travel. #Europehttps://klaava.com/nitpickers-travel-journal-travel-lessons-learned-in-2024/


News

2025-01-11 13:25:00

A conclusion from the Traffic Scorecard 2024 results is it takes about double the time to drive along the streets of London (the most congested city in #Europe) than the streets of Munich, which is ranked the 21st most congested European city. #traffic #travelhttps://klaava.com/the-cities-in-europe-where-people-are-stuck-in-traffic-most-often/


A shop dedicated to tasty juice

2025-01-09 14:04:10

arihak

A shop dedicated to tasty juice


in the busy old town center.

2025-01-08 16:16:08

in the busy old town center.


News

2025-01-07 14:56:00

A reminder for keeping your data safe when traveling. Why? It is likely that you have to access your most critical data in risky situations on the road.https://cybernews.com/privacy/how-to-protect-your-sensitive-information-while-traveling/


News

2025-01-02 16:33:00

What about the scenery, you who are hurrying to the other side?#streetphotography#streetphoto


News

2025-01-01 16:06:00

According to a survey, third of travelers are victims of online booking scams. Since it is so convenient to make travel reservations online, that’s what we do. The problem is that we haven’t adopted new methods to avoid online scams. #travel #scamhttps://klaava.com/a-traveler-is-more-likely-to-get-scammed-when-booking-a-trip-than-being-robbed-in-a-destination/


Perhaps road builders had too much time?

2024-12-29 15:19:44

Perhaps road builders had too much time?


News

2024-12-27 18:25:00

#Photography is full of so-called “rules” that can feel overwhelming. However, some of these “rules” are downright myths.https://www.diyphotography.net/debunking-seven-common-myths-photographers-still-believe-in/


What should I read next?

2024-12-25 15:18:22

arihak

What should I read next?


News

2024-12-23 11:34:00

Since #EU #DMA has specified #Apple as a #gatekeeper in #mobile devices, EU considers Apple should implement several iOS connectivity features, predominantly used for and by connected devices. For instance, notifications, automatic Wi-Fi connection, AirPlay, AirDrop, or Bluetooth audio switching.https://digital-markets-act.ec.europa.eu/commission-seeks-feedback-measures-apple-should-take-ensure-interoperability-under-digital-markets-2024-12-19_en


News

2024-12-21 14:51:00

Smartphone users in the US are not impressed with the latest artificial intelligence features on their devices with 73 percent of Apple users and 87 percent of Samsung users unsatisfied, according to a new study. #phone #AIhttps://petapixel.com/2024/12/19/majority-of-smartphone-users-are-unimpressed-with-ai-features-study-finds/


There should be enough ice already to open the hotel

2024-12-20 16:40:17

There should be enough ice already to open the hotel


Hiking on a mountain experience: the end of an ancient tunnel

2024-12-09 14:12:31

arihak

Hiking on a mountain experience: the end of an ancient tunnel


on a hot summer day

2024-12-02 18:47:01

on a hot summer day


Cloudy day in a valley

2024-11-25 16:31:59

arihak

Cloudy day in a valley


In the shade of a lone palm tree

2024-11-25 15:46:29

In the shade of a lone palm tree


an abandoned town?

2024-11-07 18:35:22

an abandoned town?


A quiet moment between heavy rain

2024-10-24 17:34:45

A quiet moment between heavy rain


Everyone loves a pretty mountain scenery

2024-10-24 16:54:02

arihak

Everyone loves a pretty mountain scenery