First off, I’ve been using WP now for a couple of years and am very happy with it. Thanks for all the hard work, guys!

    I’ve recently had 2 WP installations hacked, and doing my research saw that this is not an uncommon problem for WP or other database based tools.

    For a future version it would be great if one could automatically have all plug-ins re-installed — that would instantly have killed both my code injection cases. (For added points, it would be great if the changes could be outlined – that would speed up finding out what caused the malware attack; and actually make it possible for people without deep php/javascript knowledge to ensure that their blog is safe(r).)

    Coming to think of it: would be awesome to have a function where wp would make an automatic backup of all *.js, *.php and *.css files under the WP directory every 24 hours. Prior to making the backup, any differences to the previous day’s backup would trigger an alert e-mailed to the admin of the page and showing a prominent warning on the dashboard, so that the admin can be warned of an intrusion (and ignore the warning if he had made the changes himself).

    And I’m sure you hard-working people are very much aware of those vulnerabilities coming from hackers injecting code — isn’t there a way to let people only write plain text messages?
    Furthermore, is there a way of blocking people from registering as users — and especially from being promoted to administrator level?

Viewing 7 replies - 1 through 7 (of 7 total)
    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    I see where you’re coming from, but alas, this is a server security issue more than WordPress. It’s a long, tough argument about who is responsible for file sanctity. Personally, I run a cPanel backup every night at 1am of ALL my files, so I can always roll back a day or five. And my server is built to email me any time new files with email or spammish capabilities are added to the server.

    That said, there is this: https://www.ads-software.com/extend/plugins/wordpress-file-monitor/

    my server is built to email me any time new files with email or spammish capabilities are added to the server

    How do you get the server to email you about the new files?

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    It’s a built-in feature of WebHost Manager (the cPanel uber-tool). Of course I don’t have an email of it handy to show what I mean (or get the specific name of the add-on that does it!), but basically any time a file that has the ability to email is added to (or changed on) the server, it pings me. Usually I only get it when I add a new plugin with new features or upgrade WordPress.

    Ahh, ok. I don’t run that. I was thinking there was some uber-script that might do it.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    I’m sure there are some server side scripts and apps that can monitor changed files.

    Thinking of some…

    inotify (whose URL I cannot find…) for one
    https://freshmeat.net/projects/changedfiles/

    Thread Starter modifoo

    (@modifoo)

    I’m sure those are great tools, but require much more knowledge (and maybe server access) than I — and arguably most WP users — have.

    Having the option of re-installing all plug-ins would have eradicated my last hacker attack at once. Instead I had to search through all files to find the offending added content.

    Could it be possible to have a plug-in for WP that does that: e-mail me whenever a file is changed?
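The daily hash-and-compare check described in the opening post, and the "e-mail me whenever a file is changed" behaviour asked for here, as an added example that is not from this thread or from WordPress: it hashes every *.php, *.js and *.css file under a directory, diffs the result against the previous run's stored manifest, and returns what was added, modified or removed. The directory tree, file names and the `demo()` helper are constructed for illustration; turning the returned report into an e-mail or dashboard warning is left to the caller.

```python
import hashlib
import json
import tempfile
from pathlib import Path

WATCHED = {".php", ".js", ".css"}  # the file types the original poster wanted backed up and compared


def build_manifest(root):
    """Map each watched file (path relative to root, POSIX form) to the SHA-256 of its contents."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in root.rglob("*")
        if p.is_file() and p.suffix.lower() in WATCHED
    }


def diff_manifests(previous, current):
    """Report what changed between two manifests; each value is a sorted list of paths."""
    return {
        "added": sorted(p for p in current if p not in previous),
        "removed": sorted(p for p in previous if p not in current),
        "modified": sorted(p for p in current if p in previous and previous[p] != current[p]),
    }


def check_once(root, state_file):
    """One scheduled run (e.g. daily from cron): diff against the stored manifest, then replace it."""
    state_file = Path(state_file)
    previous = json.loads(state_file.read_text()) if state_file.exists() else {}
    current = build_manifest(root)
    state_file.write_text(json.dumps(current, sort_keys=True))
    return diff_manifests(previous, current)


def demo():
    """Constructed tree: a baseline run, then a run after one file was altered and one dropped in."""
    root = Path(tempfile.mkdtemp())
    plugin = root / "wp-content" / "plugins" / "demo-plugin"
    plugin.mkdir(parents=True)
    (plugin / "demo.php").write_text("<?php // constructed demo plugin\n")
    (root / "readme.txt").write_text("not a watched suffix, so never reported\n")
    state = Path(tempfile.mkdtemp()) / "manifest.json"  # keep state outside the web root
    baseline = check_once(root, state)
    with (plugin / "demo.php").open("a") as fh:
        fh.write("// line appended after the baseline\n")
    (root / "wp-content" / "extra.js").write_text("// file that did not exist at baseline\n")
    return baseline, check_once(root, state)
```

On a real site the baseline should be taken right after a clean install or update, and the manifest kept somewhere an attacker with write access to the web root cannot also edit.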

    Simple re-installation of the plugins would remove only the symptoms of the hack, though, not the cause. If we were to introduce a “push to reinstall” type button it might confuse some folk into thinking that that actually fixes a hack.

The topic ‘Automatic re-installation of plug-ins | hack-proofing’ is closed to new replies.