How to find a backdoor in your WordPress site

I often find that when I access my client’s website through Google, it is automatically redirected to another site.

When a trusted website redirects to another website, that is a sign that the website has been hacked and that some scripts have been modified to create the automated redirection. In most cases that we found, the hacker had created a backdoor that allowed them to bypass normal authentication and gain access to the WordPress site.

So what is a backdoor?

A backdoor is a method of bypassing normal authentication and gaining remote access to the server while remaining undetected. Backdoors often survive a WordPress upgrade.

How do we find a backdoor?

Backdoors are mostly found, disguised, in these places:

1: Themes : Themes are the most vulnerable location to attack. We mostly use themes, including demo versions, but none of those themes was made by us. So the theme developer makes a loophole that lets hackers enter your website and exploit it. This is a cheap marketing technique used by all of the top companies in order to sell their product.

Hackers generally attack the header.php, footer.php and index.php files of your WordPress site. So I recommend that if you find any suspicious code, you avoid using that particular theme.

2: Plugins : Like themes, plugins are another great place to exploit your site. We mostly use plugins to avoid hard-coding in WordPress, so we barely even notice a plugin’s nature, its rating, its development company and its compatibility. That is why a poorly coded plugin leads to your website being hacked.

3: Uploads Directory : The most overlooked folder in WordPress is the uploads directory. All the images of your site are stored in this directory. That is why hackers can easily upload a backdoor to the uploads directory, where it will eventually hide among thousands of media files.

4: Includes Directory : The /wp-includes/ folder is another place where we find backdoors. Some hackers will always leave more than one backdoor file. Once they upload one, they will add another as a backup to ensure their access.

5: wp-config File : This is also one of the files most highly targeted by attackers.

6: .htaccess File : .htaccess files are generally hidden by default, which is why, if hackers redirect your website to a targeted website, you can’t even tell how to fix it.
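
As an added example (not code from the original post), the Python script below walks a WordPress root and flags three of the locations listed above for manual review: PHP files under wp-content/uploads, .htaccess rules that test the referrer or redirect to another host, and obfuscation calls in theme entry files and wp-config.php. The pattern lists, function names and sample tree are assumptions constructed for illustration; a hit is a lead to inspect, not proof of compromise.

```python
import re
import tempfile
from pathlib import Path

PHP_EXT = (".php", ".phtml", ".php5", ".phar")
# Heuristic (assumed pattern list): obfuscation helpers often seen in injected PHP
OBFUSCATION = re.compile(r"\b(eval|base64_decode|gzinflate|str_rot13)\s*\(")
# .htaccess lines that test the referrer or send visitors to another host
HTACCESS = re.compile(r"HTTP_REFERER|^\s*(RewriteRule|Redirect)\b.*https?://", re.I | re.M)
CORE_TARGETS = {"header.php", "footer.php", "index.php", "wp-config.php"}


def scan_wordpress(root):
    """Return sorted (relative_path, reason) findings for review by hand."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if rel.startswith("wp-content/uploads/") and path.name.lower().endswith(PHP_EXT):
            findings.append((rel, "PHP file in uploads"))
        elif path.name == ".htaccess" and HTACCESS.search(path.read_text(errors="replace")):
            findings.append((rel, "referrer check or external redirect"))
        elif path.name in CORE_TARGETS and OBFUSCATION.search(path.read_text(errors="replace")):
            findings.append((rel, "obfuscation function in PHP"))
    return sorted(findings)


def build_sample_site(root):
    """Constructed sample tree: three planted findings and two clean files."""
    samples = {
        "wp-content/uploads/2020/01/logo.png": "not really an image",
        "wp-content/uploads/2020/01/thumb.php": "<?php /* constructed sample */ ?>",
        "wp-content/themes/demo/header.php": "<?php eval(base64_decode($x)); ?>",
        "wp-content/themes/demo/footer.php": "<?php wp_footer(); ?>",
        ".htaccess": "RewriteCond %{HTTP_REFERER} google [NC]\n"
                     "RewriteRule ^ http://redirect.example/ [R=302,L]\n",
    }
    for rel, body in samples.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as site:
        build_sample_site(site)
        for rel, reason in scan_wordpress(site):
            print(f"{reason}: {rel}")
```

To check a real installation, call scan_wordpress() with the path to the WordPress root instead of the sample tree. A legitimate HTTPS-forcing rule in .htaccess will also be reported, so read each flagged line before acting on it.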

Lastly, I recommend that you use the best hosting and take daily backups in case anything fatal happens. Use plugins like Akismet, Jetpack, VaultPress and BackupBuddy, and a strong password. If you ever get hacked, you will always have a restore point.

Stay alert and don’t use suspicious themes or plugins on your website.