80.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

09-09-2014, 07:16 PM
Post: #1
Malicious Premium Plugin Alert, Updated; How to Detect
How to Avoid Malicious Premium Plugins

The malicious premium plugin catches all of us, when we have our guard down. Specifically, Your security software, Wordfence, All in One, Bulletproof,etc, does not catch them. Yes, the "free" premium plugin, is great until, it breaks your system; there may be a few sites that explain the tools to guard against these malicious plugins and themes, but this post should cover what I have learned, "the hard way". Remember, These newly posted "premium plugins", may be look to be free initially, but they could cost you plenty[Image: 82headbang.gif][Image: 82headbang.gif][Image: 82headbang.gif], especially if your time is valuable.[Image: 82headbang.gif][Image: 82headbang.gif][Image: 82headbang.gif] Most people, want to try before, they buy. The reasoning is why pay, for something you don't use? But, watch out, who may have tampered with the plugin before you install? To avoid the heartache using unknown plugins, downloaded off the internet, load only one a time, so that you can track performance, and stability.


These free preventative plugins on wordpress.org. are the best investment you can make, as they target the issues your security software does not..


1. http://wordpress.org/plugins/baw-wordpre...y-checker/ Plugin Security Checker 2.21 This plugin will warn you if you're using or installing a vulnerable extension, removed from an official repository, a security must have plugin! This includes a list of a maximum known plugins to be vulnerable to any web security flaw, and also a list of more than 10.4k plugins removed from repository. Set it, and forget it.


2.http://wordpress.org/plugins/quttera-web...re-scanner The Quttera Web Malware Scanner plugin will scan your website for malware, trojans, backdoors, worms, viruses, spywares and other threats as well as JavaScript code obfuscation, exploits, malicious iframes, malicious code injection, malicious code obfuscation, auto-generated malicious content, redirects, hidden eval code and more. Also, it will check whether your website is blacklisted by Google and other blacklisting authorities Features:
  • One Click Scan
  • Unknown Malware Detection
  • External Links Detection
  • Blacklist Status
  • No Signatures or Patterns Updates
  • Artificial Intelligence Scan Engine
  • Cloud Technology
  • Detail Investigation Report

3. https://wordpress.org/plugins/sucuri-scanner/ The Sucuri Security - Auditing, SiteCheck Malware Scanner and Hardening is a security plugin enables you to scan your WordPress site using Sucuri SiteCheck for security and malware issues, and also verifies the security integrity of your core files right in your dashboard. It includes audit trails and post-hack security ions to help you reset passwords and secret keys in case it has been already hacked, or infected with malware. A manual process., but Sucuri is a very respectable name in security.

4. [b]https://wordpress.org/plugins/bruteprotect/ [/b]Brut Protect. Botnets attack millions of websites everyday using their Internet-connected programsBruteProtect is a security plugin that guards against botnets by connecting its users to track every failed login attempt across all installed users of the plugin. When you activate BruteProtect you become a part of an Internet-connected counter force that works against botnets.BruteProtect logs every failed attempt community-wideWhen an IP has too many failed attempts in a specific period of time, BruteProtect logs and blocks that IP across the entire BruteProtect network (your site included). The more users of BruteProtect, the safer we all are from traditional brute force attacks, and distributed brute force attacks that use many different servers and IP addresses. BruteProtect is safe for MultiSite and compatible with other security pluginsBruteProtect FULLY SUPPORTS multisite networks, and you’ll only need one API key. Go to the Installation tab to learn more about how easy it is to install and use BruteProtect. You can even use it alongside other security plugins, if you so desire.

5. http://wordpress.org/plugins/exploit-scanner/ Exploit ScannerThis plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames. However, It does not remove anything. That is left to the user to do.


6.[url=http://bestblackhatforum.com/http://wordpress.org/plugins/6scan-protection/ 6Scan Security is the most comprehensive auto-fix protection your WordPress site can get against hackers. Our security scanner goes beyond the simple rule-based protection of other WordPress security plugins, employing sophisticated algorithms to find and automatically fix security vulnerabilitiesautomatic security scanner finds and protects against:
  • SQL Injection
  • Cross-Site Scripting (XSS)
  • CSRF
  • Directory traversal
  • Remote file inclusion
  • Several DoS conditions
  • And many more, including all of the OWASP Top Ten security vulnerabilities. https://www.owasp.org/index.php/Top_10_2013-Top_10 Special Features and Benefits of 6Scan's top rated security suite of protection: * Automatic Vulnerability Fix: When vulnerable code is discovered, our Auto-Fix sever-side agent solution acts immediately to solve the security risk and mitigate the security problem. New hacker attack strategies, malware and vulnerabilities are constantly found and updated, keeping you always protected. * Automatic Malware Fix: The fix process immediately begins, reducing the risk to your site visitors, and your website being blacklisted on top search engines like Google. * One Click Installation:

7 http://wordpress.org/plugins/gotmls/ AntiMalware This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and it helps you remove them. A manual process, that uses intensive memory.
  • Automatic removal of "Known Threats".
  • Download definitions of new threat as they are discovered.
  • Automatically upgrade vulnerable versions of timthumb scripts.
  • Automatically patch wp-login.php to block brute-force attacks.
  • Run a Quick Scan from the admin menu.
  • Customize Scan Setting.
  • Run a Complete Scan from the Settings Page.
To identify which plugin is hogging resources, and how to monitor the plugin resource overhead, I recommend these 2 plugins.:

1. "Query Manager" http://wordpress.org/plugins/query-monitor/ a real time graphical tool (shows web system resources)
2. GoDaddy P3 plugin http://wordpress.org/plugins/p3-profiler/ Helps you indentify what plugins consume the most system resources.


Both plugins are invaluable as they will graphically depict loading and performance information. From somebody, that has broken lots of sites, It is best to carefully monitor, the performance and interaction of your "free" plugin, asthe removal, process is not always straightforward. It is best to only add one new plugin at a time, rather that load the boat, and get an overload. Cleaning a problem, is always moredifficult than installing a new plugin. You just don't know, how "bad" the cleaning process, will be. But please remember, if you will use an unknown plugin, downloaded off the internet, load only one a time, so that you can track performance, and stability.

Please add max reps if helpful.




7.gif