How To Identify Potential WordPress Hacks

While WordPress is typically a secure and stable platform, it can fall victim to hackers when not maintained, or when poorly developed or outdated plugins are used.

One of the more common methods hackers use to hide malicious PHP code inserted into WordPress is to base64 encode the injected code, and then use base64 decoding and eval() to execute it at runtime. (If this has already exceeded your level of knowledge of PHP or WordPress, consult a qualified website developer or WordPress expert for assistance.)

Fortunately for WordPress users, base64-encoded code is relatively easy to spot in PHP source, and looks similar to the following:

Since base64 encoding appears as a long string of seemingly random alphanumeric characters, it stands out within the PHP code. Typically, a hacker uses this encoding to embed PHP code within WordPress that outputs links or redirects users to specific sites, and in worse cases allows unauthorized access to the WordPress system and database.
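The check described above can also be scripted. The following Python scanner is an added example written for this article (it is not code from the original post or from any WordPress plugin); it flags the eval(base64_decode(...)) loader pattern, long base64-looking string literals, and any remaining eval() calls in PHP files. The 60-character length threshold and the sample file it scans are constructed assumptions.

```python
"""Constructed example: scan PHP source for the eval(base64_decode(...)) loader pattern."""
import base64
import re
import sys
from pathlib import Path

# eval( optionally wrapped in helper calls such as gzinflate( or str_rot13( ) feeding base64_decode(
EVAL_DECODE = re.compile(r"\beval\s*\(\s*(?:\w+\s*\(\s*)*base64_decode\s*\(", re.I)
# a quoted literal of 60+ base64-alphabet characters; the threshold is an assumption, tune it per site
LONG_B64 = re.compile(r"['\"][A-Za-z0-9+/]{60,}={0,2}['\"]")
# any other eval() call; rare in legitimate theme code and worth a manual look
RAW_EVAL = re.compile(r"\beval\s*\(")

def scan_source(source, name="<input>"):
    """Return (name, line_no, reason, excerpt) for each suspicious line in one PHP file."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), 1):
        if EVAL_DECODE.search(line):
            reason = "eval() of base64_decode() output"
        elif LONG_B64.search(line):
            reason = "long base64-looking string literal"
        elif RAW_EVAL.search(line):
            reason = "eval() call"
        else:
            continue
        findings.append((name, line_no, reason, line.strip()[:80]))
    return findings

def scan_tree(root):
    """Scan every .php file under root (e.g. wp-content/themes) and return all findings."""
    findings = []
    for path in sorted(Path(root).rglob("*.php")):
        text = path.read_text(encoding="utf-8", errors="replace")
        findings.extend(scan_source(text, str(path)))
    return findings

# Constructed sample file: one ordinary theme function plus the injected pattern.
PAYLOAD = base64.b64encode(b"echo 'constructed sample string, this is not real malware';").decode()
SAMPLE_PHP = (
    "<?php\n"
    "function my_theme_setup() { add_theme_support('post-thumbnails'); }\n"
    "// constructed: the base64 + eval loader the article describes\n"
    "eval(base64_decode('" + PAYLOAD + "'));\n"
    "$cfg = '" + PAYLOAD + "';  // same blob stored for later use\n"
    "$short = 'c2hvcnQ=';  // short literal, below the length threshold\n"
)

if __name__ == "__main__":
    results = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_source(SAMPLE_PHP, "sample.php")
    for name, line_no, reason, excerpt in results:
        print(f"{name}:{line_no}: {reason}: {excerpt}")
```

Run it with a directory argument (for example your theme folder) to scan real files; every hit still needs a human to decide whether it is injected code or a legitimate use.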

While it is possible to manually search your WordPress theme code for base64-encoded code, there are some plugins available that help scan for and detect potentially malicious code for you. One of the more popular plugins is BulletProof Security, which is designed to protect a WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts.

While using a plugin such as this is more effective at securing a WordPress site than relying on manual inspection alone, it is critically important to review your WordPress theme and WordPress installation on a recurring basis. Understanding how your WordPress site is designed and configured will help you to more readily identify situations in which the site is not functioning normally. It will also become easier for you to spot changes in code structure that may indicate that malicious code has been injected into the WordPress theme.

If you operate a WordPress site as part of a small business, or depend on site traffic as part of your ongoing web marketing campaign or membership drive, consider retaining a professional web consultant with WordPress security experience to review your WordPress installation. One malicious plugin can ruin the hard-earned reputation of a WordPress website, and cause membership levels to plummet. An experienced WordPress security consultant can quickly and easily locate, remove, and repair the damage caused by malicious PHP or JavaScript code, and help to prevent such issues from reoccurring in the future.