Stay organized with collectionsSave and categorize content based on your preferences.
Friday, December 15, 2017
Last week on#NoHacked, we have
shared on hack detection and the reasons why you might get hacked. This week we focus on
prevention and here are some tips for you!
Be mindful of your sources! Be very careful of a premium theme/plugin that's available
without payment
You probably have heard about premium plugins that are available without payment. If you've
ever stumbled upon a site offering you plugins you normally have to purchase for free, be very
careful. Many hackers lure you in by copying a popular plugin and then add backdoors or
malware that will allow them to access your site. Read more about a similar case onthe Sucuri blog.
Additionally, even legit good quality plugins and themes can become dangerous if:
you do not update them as soon as a new version becomes available
the developer of said theme or plugin does not update them, and they become old over time
In any case, keeping all your site's software modern and updated is essential in keeping
hackers out of your website.
Botnet in WordPress
Abotnetis a cluster of machines, devices, or websites under the control of a third party often used
to commit malicious acts, such as operating spam campaigns, clickbots, or DDoS. It's difficult
to detect if your site has been infected by a botnet because there are often no specific
changes to your site. However, your site's reputation, resources, and data are at risk if your
site is in a botnet. Learn more about botnets, how to detect them, and how they can affect
your site atBotnet in WordPress and Joomla article.
As usual if you have any questions post onour Webmaster Help Forumsfor help from the friendly community and see you next week!
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],[],[[["\u003cp\u003eWebsites can be compromised by spammers through various vulnerabilities, and understanding these methods is crucial for protection.\u003c/p\u003e\n"],["\u003cp\u003eExercise caution when obtaining premium themes or plugins, especially from unofficial sources, as they may contain malware or backdoors.\u003c/p\u003e\n"],["\u003cp\u003eRegularly updating your website's software, including plugins and themes, is essential to prevent security breaches.\u003c/p\u003e\n"],["\u003cp\u003eBe aware of botnets, which can infect websites and compromise their resources and data without noticeable changes to the site itself.\u003c/p\u003e\n"]]],["Websites can be compromised by spammers through various methods. Be cautious of free premium themes or plugins, as they may contain backdoors or malware. Regularly update all website software to prevent vulnerabilities. Botnets, which are clusters of compromised machines, can also infect sites without noticeable changes, risking data and reputation. Understanding how sites get hacked, being careful of sources, and keeping software updated are critical for site protection.\n"],null,["# #NoHacked 3.0: Tips on prevention\n\nFriday, December 15, 2017\n\n\nLast week on [#NoHacked](https://twitter.com/googlesearchc), we have\nshared on hack detection and the reasons why you might get hacked. This week we focus on\nprevention and here are some tips for you!\n\n- **Top ways websites get hacked by spammers:**\n\n\n Understanding how your site was compromised is an important part of protecting\n your site from attacks, here some\n [top ways that sites get compromised by spammers](/web/fundamentals/security/hacked/top_ways_websites_get_hacked_by_spammers).\n-\n **Be mindful of your sources! Be very careful of a premium theme/plugin that's available\n without payment**\n\n\n You probably have heard about premium plugins that are available without payment. If you've\n ever stumbled upon a site offering you plugins you normally have to purchase for free, be very\n careful. Many hackers lure you in by copying a popular plugin and then add backdoors or\n malware that will allow them to access your site. Read more about a similar case on\n [the Sucuri blog](https://blog.sucuri.net/2015/05/fake-jquery-scripts-in-nulled-wordpress-pugins).\n Additionally, even legit good quality plugins and themes can become dangerous if:\n - you do not update them as soon as a new version becomes available\n - the developer of said theme or plugin does not update them, and they become old over time\n\n\n In any case, keeping all your site's software modern and updated is essential in keeping\n hackers out of your website.\n- **Botnet in WordPress**\n\n\n A\n [botnet](https://www.wordfence.com/blog/2016/08/hacking-wordpress-botnet/)\n is a cluster of machines, devices, or websites under the control of a third party often used\n to commit malicious acts, such as operating spam campaigns, clickbots, or DDoS. It's difficult\n to detect if your site has been infected by a botnet because there are often no specific\n changes to your site. However, your site's reputation, resources, and data are at risk if your\n site is in a botnet. Learn more about botnets, how to detect them, and how they can affect\n your site at\n [Botnet in WordPress and Joomla article.](https://www.bleepingcomputer.com/news/security/wordpress-and-joomla-sites-fuel-resurrected-spamtorte-botnet/)\n\n\nAs usual if you have any questions post on\n[our Webmaster Help Forums](https://support.google.com/webmasters/community/)\nfor help from the friendly community and see you next week!"]]
