Securing a WordPress site with an SSL certificate is highly recommended for all website owners. By installing an SSL certificate, you are protecting any information passed back and forth between your site visitors and your web server. There are many benefits to adding an SSL certificate to your WordPress site, and it can be free to install!

An SSL certificate protects/encrypts any data that gets passed back and forth between web browsers and the web server your WordPress site is hosted on. The term SSL stands for Secure Socket Layer. Each browser will display whether a site is secured with an SSL certificate or not by showing a padlock right before the domain name in the URL bar at the top left. Browsers will also display a Secure or Not Secure message, depending on if a certificate is installed or not. 

WHAT DOES AN SSL CERTIFICATE DO?

SSL certificates provide protection for information a client sends back and forth from their web browser to your web server that your WordPress site is hosted on. Information that needs to be protected by encryption includes:

• Credit Card Data
• Email Addresses
• Names
• Login Details
• Phone Numbers
• Addresses
• Any other personal information a client might provide

Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates these malicious users can hide in plain sight. Injecting a malicious admin user into a WordPress site can allow attackers easy access back into a victims’ website after it has been cleaned. It is always recommended to review the WordPress administrators on your site often to best secure your site.

Important questions to ask when reviewing WordPress Admins

Some important questions to ask when determining whether a WordPress admin user is legitimate or not:

• Do I recognize this WordPress admin?
• Does the email address associated with the admin user appear safe?
• When was this admin user created?
• Does this admin user have any legitimate content attached to it?
• Did I or someone from my team add this admin user?

Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out of date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels.

We recently came across a database injection that has two different pieces of malware accomplishing two unrelated goals. The first injection redirects users to a spammy sports website and the second injection boosts authority of a spammy casino website within search engines.

The discovery of two distinct infections within a singular site constitutes a significant finding, underscoring the importance of vigilant maintenance of updates and their inherent value.

The WordPress database is where unique data is stored pertaining to a WordPress site that houses custom information, ranging from WP admin users to unique posts and pages. Managing the database is an essential task when troubleshooting a WordPress site. This is where you can easily switch the theme and find your WordPress version. The two recommended pieces of software to manage a database are Adminer and PHPMyAdmin.

PHPMyAdmin

PHPMyAdmin is a common piece of software used to manage databases. You can view and download this software on their verified website. This software is often preinstalled on many hosting servers for easy access to manage databases.

Adminer

Adminer is a piece of software used to manage a WordPress database. It is not as common as PHPMyAdmin, but is quite useful and easy to use as it is only one single PHP file. To utilize Adminer, all you need to do is upload the PHP file to your file structure and access it via a browser directly on your site.

A recent infection has been making its rounds across vulnerable WordPress sites, detected on over 160 websites so far at the time of writing. The infection is injected at the top of legitimate JavaScript files and executes a script from the following malicious domain: https://jquery0[.]com/JkrJYcvQ

At first glance, this domain appears to be legitimate. However, attackers have intentionally selected the domain name with the intention of deceiving webmasters. It’s nearly identical to https://jquery.com — a website belonging to the popular JavaScript library jQuery.

It was quite fun researching this fake domain and writing a blog piece on it that is featured on the Sucuri Blog.

A 500 Internal Server Error can occur on a WordPress site for many different reasons. This error can easily frustrate a website owner as it is very generic, yet also happens to be one of the most common errors a WordPress site experiences. Below are useful tips to remember before troubleshooting a broken WordPress site:

• • Review each troubleshooting method to get a WordPress site working again. You may need to perform multiple steps to get a site functional again. (Disable plugins & your theme for example.)

• • When disabling a configuration file like an .htaccess file, check directories above your webroot and disable ones above too when troubleshooting.

• • Always backup your website before replacing any files.

Sometimes a restore is the best & fastest option!

What causes a 500 Internal Server Error?

Because a 500 Internal Server Error is a generic response, there are many different reasons a site may succumb to this error. WordPress is a powerful CMS where many plugins & themes can be added to make each site unique; this also creates more entry points and room for errors to occur. A 500 Internal Server Error can occur for the following reasons:

• • Plugin conflicts

• • Theme conflicts

• • .php.ini/.user.ini file issues

• • .htaccess/web.config file issues

• • Corrupted core files

• • PHP memory limit problems

Above are common examples as to what causes this error to occur on a WordPress site. Let’s move on to the next section to review how to troubleshoot this error to determine where this issue stems from.