Tag: forensics

Security, Tutorials, WordPress

The one SQL query that catches almost every backdoor admin in WordPress

| by admin | Leave a Comment on The one SQL query that catches almost every backdoor admin in WordPress
Close-up of WordPress JavaScript source code displaying themes:update functions and wp.updates handlers — typical view when auditing WordPress code (photo: Markus Spiske / Pexels)

If a WordPress site of yours has been compromised — even briefly, even silently — there’s a very good chance it now has at least one administrator account that you didn’t create. Most WP malware families plant one as part …

Continue reading "The one SQL query that catches almost every backdoor admin in WordPress"
Security, Tutorials, WordPress

Wordfence forensics: mining wp_wfhits and wp_wfissues to reconstruct a breach timeline

| by admin | Leave a Comment on Wordfence forensics: mining wp_wfhits and wp_wfissues to reconstruct a breach timeline
Top-down view of two detectives examining black-and-white photos and fingerprint cards on a desk — visual metaphor for piecing together a breach timeline from log evidence (photo: RDNE / Pexels)

If you’re cleaning up a WordPress compromise and the site has Wordfence installed, you have more forensic data than you think. Even on the free plan, Wordfence quietly logs every blocked request, every plugin-vulnerability advisory, every flagged file, and every …

Continue reading "Wordfence forensics: mining wp_wfhits and wp_wfissues to reconstruct a breach timeline"