Preventing Website Defacement

Based on an article 'The Bloody Battle of Website Defacement: “ISIS” Hackers vs. WordPress' by Nimrod Luria, Co-founder & CTO of Sentri.

In 2014 a bug in MailPoet, a WordPress mail plugin, resulted in 50,000 sites being hacked by injecting a PHP backdoor. SoakSoak, one of the most publicized WordPress attacks in 2014, took advantage of a bug in a popular slider plugin and as a result over 100,000 sites were hacked. More recently, Slimstat, an analytics plugin, was found to be vulnerable to attacks exposing over 1M WordPress websites.

Best practice:

1.) Continuously check for the appearance of unknown files and directories and monitor them for changes.

2.) Applying updates on time.

3.) Read-only Web Server Account

4.) Color Persistence Monitoring

5.) DOM Inspection

6.) Digital Signing

All these are available from Advanced Web Application security solutions.