I was absolutely amazed recently when I checked my various WordPress Website log files and discovered just how many random hack attempts there are on a daily basis. I wrote yesterday about various WordPress security measures.
How to discover Hacking Attempts
In this case all I have done is check my error 404 ‘not found’ log. It’s a good idea to occasionally check to see how many 404 errors are being returned as this is a great way of detecting broken links to your Site or even on your Site. By the way, WordPress automatically has a 404 Page that a visitor is redirected to if they encounter a 404 error.
In WordPress I use the Redirect Plugin which logs 404 errors.
What to look for in the 404 Log
A few basic things may be checked quickly and easily in the 404 log file:
- Repeat attempts to access a file or image from the same IP address
- Attempts to access a Theme or Plugin that you don’t have installed
- Any link with ‘php?http’ in it e.g. http://example.com/thumb.php?src=http://example2/depois.php
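The three checks above, applied to a handful of constructed 404 entries. This is an added example, not code from the original post or from the Redirect Plugin; the (IP, URL) input shape, the installed theme and plugin slugs and the repeat threshold are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, urlsplit

# Assumed inventory of what is really installed on the site (hypothetical slugs).
INSTALLED = {"themes": {"twentytwelve"}, "plugins": {"akismet"}}
REPEAT_THRESHOLD = 3  # assumed cut-off for "repeat attempts"
COMPONENT_RE = re.compile(r"/wp-content/(themes|plugins)/([^/]+)/", re.I)

# Constructed sample 404 entries (client IP, requested URL); not real log data.
SAMPLE_404S = [
    ("203.0.113.7", "http://example.com/thumb.php?src=http://example2/depois.php"),
    ("198.51.100.4", "/wp-content/plugins/some-gallery/thumb.php"),
    ("198.51.100.4", "/wp-content/plugins/some-gallery/thumb.php"),
    ("198.51.100.4", "/wp-content/plugins/some-gallery/thumb.php"),
    ("203.0.113.9", "/wp-content/themes/demo-theme/thumb.php?src=http%3A%2F%2Fexample2%2Fdepois.php"),
    ("192.0.2.10", "/wp-content/themes/twentytwelve/images/old-logo.png"),
    ("192.0.2.11", "/about-us-old/"),
]

def has_remote_url_param(url):
    """True when a .php request carries a URL as a query value ('php?http')."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith(".php"):
        return False
    # parse_qsl percent-decodes, so src=http%3A%2F%2F... is caught as well.
    return any(value.lower().startswith(("http://", "https://"))
               for _, value in parse_qsl(parts.query))

def missing_component(url):
    """Return 'themes/<slug>' or 'plugins/<slug>' if that slug is not installed."""
    match = COMPONENT_RE.search(urlsplit(url).path)
    if match is None:
        return None
    kind, slug = match.group(1).lower(), match.group(2).lower()
    return None if slug in INSTALLED[kind] else f"{kind}/{slug}"

def triage(entries):
    """Apply the three checks from the list above to (ip, url) pairs."""
    hits = Counter((ip, urlsplit(url).path) for ip, url in entries)
    return {
        "repeat": sorted(k for k, n in hits.items() if n >= REPEAT_THRESHOLD),
        "not_installed": sorted({(ip, missing_component(u)) for ip, u in entries
                                 if missing_component(u)}),
        "remote_url": sorted({e for e in entries if has_remote_url_param(e[1])}),
    }

if __name__ == "__main__":
    print(triage(SAMPLE_404S))
```

The two ordinary broken links (the missing image in an installed theme and the old page) are not flagged by any check, which is the behaviour you want from a 404 log that also serves to find dead links.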
What to do if Hackers are trying to access your Site
Please see my post about WordPress security in order to toughen up your WordPress security a bit. I’ve noticed that there are many random hack attempts trying to access vulnerabilities in TimThumb. It is absolutely critical that you keep any Plugins or Themes that use TimThumb updated at all times (and don’t use any Themes or Plugins that use TimThumb and haven’t been updated recently).
Contact me if you need assistance securing your WordPress Site.