Escanor64
Active member
- Jul 4, 2022
- 133
- 215
- 43
Please take the time to read this!
In the past weeks, there have been several claims by users that resources from Babiato are riddled with malwares or that they downloaded resources from here only to get hacked or suspended by their hosting provider, with the recent complaint being this.
I actually use some of the resources here, most importantly Publisher Theme. I have several sites but my Publisher themed sites have suffered attacks the most. As a matter of fact, I wake up on some days only to see new categories and posts totally unrelated to my niches posted with several backlinks. All three of my Publisher-themed websites were successfully hacked, new posts created as well as new categories. Also, my files were modified with backdoor codes injected and funny media extensions uploaded to my root folder. I cleaned ALL, deleted my theme and plugin folders, reuploaded the Publisher theme and all of my plugins and changed all my passwords. A couple of days later, they were all hacked again.
Here was what I noticed; @TassieNZ shared the last update for the Publisher theme which was in July 2021 (well over a year ago). I'm not saying he did anything but a year since the last update of a WordPress theme and plugins is a recipe for disaster. Unfortunately, Babiato is well updated on the theme and it means the developers have not released any new update since over a year ago. Here is the official changelog of the Publisher Theme.
So, how do you prevent your WordPress blog/website from getting hacked?
1. CHOOSE a WordPress theme that is constantly updated! AVOID themes like Publisher, whether you buy from the developer or use the nulled version. It is a bad choice!
2. Disable theme and plugin editor on your WordPress backend. This is so that if your login details are hacked, it would be impossible to upload any malicious code into your root files. To do that, copy
define( 'DISALLOW_FILE_EDIT', true ); into your wp-config.php file just above the line that says ‘That’s all, stop editing! Happy publishing’ 3. Install Wordfence Premium from Babiato to your site. The free version is good but the premium is more robust. If you have a static IP, whitelist your IP and Immediately block IPs that access these URLs "/wp-login/" and "/wp-admin/". Also look through the settings and beef up your security.
4. Install Sucuri to monitor whatever changes was made to your files or activities done.
5. Disable the REST API for non-authenticated users. NOTE: Disabling the REST API completely breaks WordPress administrative functionality. If you want to disable access to REST API endpoints, you should instead only accept requests from authenticated users. Copy the following code snippet and then paste it at the bottom of your child's theme functions.php file:
add_filter( 'rest_authentication_errors', function( $result ) {
if ( true === $result || is_wp_error( $result ) ) {
return $result;
}
if ( ! is_user_logged_in() ) {
return new WP_Error(
'rest_not_logged_in',
__( 'You are not currently logged in.' ),
array( 'status' => 401 )
);
}
return $result;
});
6. Disable the XML-RPC API for your website. XML-RPC is a security hazard. It’s often exploited by attackers looking to break into your site or launch a distributed denial-of-service (DDoS) attack. Most of XML-RPC’s functionality has been superseded by the REST API anyway, so disabling it doesn’t affect your experience all that much. You can use the Disable XML-RPC free plugin in the WordPress directory to do this but I recommend Hide My WP Premium plugin. This is so because you need to blurt out some information from your website such as version number, etc., which hackers often use to exploit website securities. In my case, I later found out the hacker was remotely posting on my website using the XML-RPC API without needing to login to my sites after cleaning up the entire sites. I have attached a screenshot from the Hide My WP Plugin where the hacker was trying to call the API after I disabled it.
Hackers are smarter and so should you! All the best!!!
