I have been meaning to write this post for a long time, but could not find the time to go into the details of this major security issue. From my experience, a large percentage of users run WordPress, and a certain share of them always face some sort of web injection (an injected iframe, for example), whichever shared hosting provider they use. This post goes into depth on why these web injections occur and how you can protect your WordPress blog from this sort of issue.
How can you protect your WordPress blog? A couple of things. First, make sure that scripts which do not need write permission (configuration files and include files, for example) are set to read and execute only (555). You can do this through your file manager or an FTP client using the "Change Permissions" or "Chmod" option. If you see that your WordPress blog has been injected, you will probably want to change your theme first to see whether it gets injected again. If it does, the issue most likely relates to a plugin, which you will have to verify one by one.
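The two checks just described (which PHP files still carry a write bit, and which files contain injected iframe markup) can be scripted so you do not have to click through a file manager on every suspicion. The following POSIX shell script is an added example and not code from the original post or from Mellowhost; the function names, the sample site it builds under a temporary directory and the iframe pointing at a reserved `.invalid` host are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not code from the original post: a small audit for a WordPress
# tree on shared hosting.  It lists PHP files that still carry a write bit
# (the post advises 555 for configuration/include files), lists files that
# contain <iframe> markup (the injection the post describes) and can set a
# file read-only.  The sample site below is constructed for the demo.

# List PHP files under $1 that are writable by owner, group or other.
# A file that never needs writes (wp-config.php, wp-includes/*) should show
# up here only if its permissions are still too loose.
list_writable_php() {
    find "$1" -type f -name '*.php' \
        \( -perm -0200 -o -perm -0020 -o -perm -0002 \) | sort
}

# List PHP files under $1 that contain an <iframe tag (case-insensitive).
# Core WordPress files do not embed iframes; a hit in wp-config.php, a theme
# footer or a plugin file is the typical sign of the injection discussed above.
find_iframe_injections() {
    find "$1" -type f -name '*.php' -exec grep -li '<iframe' {} + | sort
}

# Apply the post's advice: mode 555 (r-xr-xr-x), readable and executable but
# not writable by the web server user, on a file that never needs to change.
make_read_only() {
    chmod 0555 "$1"
}

# Build a constructed sample site in a temporary directory and print its path.
# wp-config.php is left writable (644), wp-includes/load.php is already 555,
# and the theme footer carries a constructed hidden iframe pointing at a
# reserved .invalid host, so nothing here is a real injection.
make_sample_site() {
    site=$(mktemp -d)
    mkdir -p "$site/wp-includes" "$site/wp-content/themes/demo"
    printf '<?php define("DB_NAME", "demo");\n' > "$site/wp-config.php"
    chmod 0644 "$site/wp-config.php"
    printf '<?php // core loader\n' > "$site/wp-includes/load.php"
    chmod 0555 "$site/wp-includes/load.php"
    printf '<?php wp_footer(); ?>\n<IFRAME src="http://injected.example.invalid/" width="1" height="1"></IFRAME>\n' \
        > "$site/wp-content/themes/demo/footer.php"
    chmod 0644 "$site/wp-content/themes/demo/footer.php"
    echo "$site"
}

# Demo run: audit the constructed site, harden wp-config.php, audit again.
demo_site=$(make_sample_site)
echo "Writable PHP files:"
list_writable_php "$demo_site"
echo "Files containing <iframe>:"
find_iframe_injections "$demo_site"
make_read_only "$demo_site/wp-config.php"
echo "Writable PHP files after make_read_only on wp-config.php:"
list_writable_php "$demo_site"
rm -rf "$demo_site"
```

To audit a real install, call `list_writable_php /path/to/wordpress` and `find_iframe_injections /path/to/wordpress` instead of the constructed site; the iframe scan only flags files for a manual look, since a theme may legitimately embed one, and `make_read_only` should be applied to files you have confirmed never need to be written by WordPress itself.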
Alternatives? Yes, there are four pretty important WordPress security plugins you would probably want to use. Here they are:
1. WordPress Firewall Plugin: http://wordpress.org/extend/plugins/wordpress-firewall/
2. WordPress Antivirus Plugin: http://wordpress.org/extend/plugins/antivirus/
3. Secure WordPress Plugin: http://wordpress.org/extend/plugins/secure-wordpress/
4. Wp-Malwatch Plugin: http://wordpress.org/extend/plugins/wp-malwatch/
All of them work perfectly and are the easiest way for a shared hosting user to detect and protect a WordPress blog from web injections automatically. What they do is protect your files from being written to, or watch how they are being edited. They do very much what I suggested above, but in real time. I would probably recommend the WordPress Firewall plugin, as you can configure it to load before all your other plugins, which helps you test whether one of your plugins is vulnerable.
Now, my readers will definitely ask why I did not just tell them about those plugins, which would protect their blogs from web injections in the easiest and fastest way. I would say it was my intention to let you understand how this is happening and what basic steps you can perform to prevent it. Merely using a plugin may not solve the issue: rare, but not impossible 🙂
Just a quick reminder: we at Mellowhost maintain the best protective security for your blog. But everything has a limitation, and these sorts of injections are part of those limitations. It is pretty hard to understand a developer's mind and apply a patch at the server level to protect against his fault. This is why it is advised to take precautionary measures within your own range. You should have no worries about the server as long as you are hosted with Mellowhost 🙂