All about SQL Injection Attacks on WordPress

I am taking a short break from the Gimp Video Tutorial Series.  The last few days I have been in recovery mode after my site was hacked.  My site wasn’t coming up, and I couldn’t even get to the administration area.  It turns out (after much research) that the attack was an SQL Injection.

Also called an SQL insertion attack, this form of hack is accomplished by inserting SQL database code into a web form, URL parameter, or some other input of a site that runs on top of a database.  Now this does sound a bit complex, but it can have some dire consequences.

I am far from a security expert, but necessity is the mother of invention.  I have learned that if you have a Blog you need to become a mini security expert.

So this “rogue” SQL statement gets executed by the database as if it were one of the site’s own queries, which allows the hacker to manipulate data, files and routines on your website that generally only you have power over.
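To make the mechanism concrete, here is an added example that is not code from the original post. It uses a constructed in-memory SQLite table standing in for a site’s users table, and contrasts a lookup that pastes visitor input straight into the SQL text with one that binds the input as a parameter, which is what WordPress’s own `$wpdb->prepare()` does for plugin and theme code.

```python
import sqlite3


def make_db():
    """Constructed sample data: a tiny users table, not the post's real database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (login, role) VALUES (?, ?)",
        [("loren", "administrator"), ("guest", "subscriber")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, login):
    """Builds the query by string concatenation: whatever the visitor typed
    becomes part of the SQL text, so a quote character rewrites the query."""
    sql = "SELECT login, role FROM users WHERE login = '" + login + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, login):
    """Passes the value as a bound parameter: the database treats it purely as
    data, never as SQL, so the same input simply matches no row."""
    return conn.execute(
        "SELECT login, role FROM users WHERE login = ?", (login,)
    ).fetchall()


# Constructed input containing a quote and an always-true condition, the
# textbook shape of what a web form receives in an injection attempt.
CRAFTED = "x' OR '1'='1"


def demo():
    """Run both lookups on the same input and return the rows each one yields."""
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, CRAFTED),  # every row leaks
        "safe": lookup_safe(conn, CRAFTED),              # no rows
        "normal": lookup_safe(conn, "loren"),            # ordinary lookup still works
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:10s} -> {rows}")
```

The vulnerable lookup returns both rows because the concatenated text becomes `WHERE login = 'x' OR '1'='1'`; the parameterized lookup returns nothing because the whole string is compared against the `login` column as one value. The fix for a WordPress site is the same idea: never build SQL by string concatenation, and audit plugins and themes for code that does.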

In my case the attack inserted code into all my index.php files.  The code was a type of re-direction that if it was successful would have directed visitors to another website (some site in .ru).  It turns out that the code was not inserted properly and just broke the index.php files and gave a WSOD (white screen of death) when my site was visited.

I fixed my site after the first attack, and within 24 hours I had another one.  Same files, same symptoms.  Nevertheless I appear to have recovered and am in the clear (for now).  Here are the steps I have taken to ensure the security of my websites:

1. Make sure all directories and files have correct permissions set
  • Directories: 0755
  • Files: 0644

I believe one of my problems could have been directories and/or files set to 777, which allows others to write to them.
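As an added example (not from the original post), the following script walks a WordPress tree, reports every directory that is not 0755 and every file that is not 0644, flags the ones that are world-writable, and optionally corrects them. The sample tree it builds in a temporary directory is constructed for the demonstration; point `audit_permissions()` at a real document root to use it.

```python
import os
import stat
import tempfile

DIR_MODE = 0o755   # rwxr-xr-x
FILE_MODE = 0o644  # rw-r--r--


def _check(path, expected, fix, findings):
    """Record (path, current mode, world_writable) when mode != expected; chmod if fix."""
    if os.path.islink(path):          # never follow or change symlinks
        return
    current = stat.S_IMODE(os.lstat(path).st_mode)
    if current != expected:
        findings.append((path, oct(current), bool(current & stat.S_IWOTH)))
        if fix:
            os.chmod(path, expected)


def audit_permissions(root, fix=False):
    """Return a list of mismatches under root; with fix=True also repair them."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            _check(os.path.join(dirpath, name), DIR_MODE, fix, findings)
        for name in filenames:
            _check(os.path.join(dirpath, name), FILE_MODE, fix, findings)
    return findings


def demo():
    """Build a constructed mini site with two bad modes, audit, fix, re-audit.
    Returns (relative paths flagged before fixing, paths flagged after)."""
    root = tempfile.mkdtemp(prefix="wp-perm-demo-")
    os.makedirs(os.path.join(root, "wp-content", "uploads"))
    for rel in ("index.php", "wp-config.php", "wp-content/uploads/keep.txt"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("placeholder\n")
    # Explicit chmod so the umask does not mask the "bad" modes we want to show.
    for rel in ("wp-content", "wp-content/uploads"):
        os.chmod(os.path.join(root, rel), DIR_MODE)
    os.chmod(os.path.join(root, "wp-config.php"), FILE_MODE)
    os.chmod(os.path.join(root, "wp-content/uploads/keep.txt"), FILE_MODE)
    os.chmod(os.path.join(root, "wp-content", "uploads"), 0o777)   # world-writable dir
    os.chmod(os.path.join(root, "index.php"), 0o666)               # world-writable file

    before = sorted(os.path.relpath(p, root) for p, _, _ in audit_permissions(root))
    audit_permissions(root, fix=True)
    after = sorted(os.path.relpath(p, root) for p, _, _ in audit_permissions(root))
    return before, after


if __name__ == "__main__":
    flagged, remaining = demo()
    print("flagged before fix:", flagged)
    print("flagged after fix: ", remaining)
```

The audit deliberately skips symlinks and reports rather than fixes by default, so you can review what it found before changing anything on a live site. Note that some hosts expect a different owner/group setup (for example, a writable `wp-content/uploads` owned by the web server user), so compare the report against your host’s guidance before applying `fix=True`.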

2. Install Security Plugins for WordPress Installation

The Plugins I recommend are:

WP Security Scan – http://semperfiwebdesign.com
This plugin checks your installation for potential security holes
WordPress File Monitor – http://mattwalters.net
File Monitor keeps track of any files that change and can send you an e-mail
WordPress FireWall – http://www.seoegghead.com
This plugin acts as a firewall to prevent unauthorized activity.  This firewall will protect against SQL injection attacks.
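The change tracking that the File Monitor plugin performs, which is exactly what would have caught the edited index.php files described earlier, comes down to keeping a hash baseline and comparing against it. Here is an added example of that technique (not the plugin’s code and not from the original post) run over a constructed temporary site tree; the modification it detects is a harmless constructed marker, not the injected redirect.

```python
import hashlib
import os
import tempfile


def snapshot(root, exts=(".php",)):
    """Map relative path -> SHA-256 of contents for every matching file under root."""
    result = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if name.endswith(exts):
                full = os.path.join(dirpath, name)
                with open(full, "rb") as fh:
                    result[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return result


def diff_snapshots(baseline, current):
    """Classify differences between a stored baseline and a fresh snapshot."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    return {"added": added, "removed": removed, "modified": modified}


def demo():
    """Constructed scenario: take a baseline, then alter one file and drop a new one."""
    root = tempfile.mkdtemp(prefix="wp-monitor-demo-")
    theme = os.path.join(root, "wp-content", "themes", "mytheme")
    uploads = os.path.join(root, "wp-content", "uploads")
    os.makedirs(theme)
    os.makedirs(uploads)
    for rel in ("index.php", "wp-content/themes/mytheme/index.php"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("<?php /* placeholder site file */ ?>\n")

    baseline = snapshot(root)

    # Simulate an unexpected edit and an unexpected new PHP file under uploads.
    with open(os.path.join(theme, "index.php"), "a") as fh:
        fh.write("<?php /* constructed marker standing in for an unwanted edit */ ?>\n")
    with open(os.path.join(uploads, "dropped.php"), "w") as fh:
        fh.write("<?php /* constructed unexpected file */ ?>\n")

    return diff_snapshots(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind:9s}: {paths}")
```

In practice you would store the baseline outside the web root (or off the server entirely) so that whoever edits your files cannot also edit the record of what they looked like, and re-run the comparison from cron, mailing yourself the result whenever any list is non-empty. A PHP file appearing under `wp-content/uploads` is worth treating as suspicious on its own.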

I recommend visiting these sites for details.  These are great plugins that can provide peace of mind.

The bottom line is that it is not if your site gets hacked, but when.  You need to be prepared, and I hope that this post finds its way on to the search engines so that it can help others.

Let me know in the comments, or in an e-mail of any additional precautions you take with your sites.

-Loren
