and some other common reasons:
2, into the script, HTML code or edit your posts directly.
6, bringing users to another site, or may be a phishing site.
for a WordPress like complex CMS, the user program is running on a different server, third party plug-ins, third party themes may also have some defects. When the destroyer entered your site with some defects, you’re in trouble.
is the main reason for black
2, from an infected computer into your WordPress site.
injection or SQL command.
is the latest
download is not the source of the theme, usually these themes are back.
to execute arbitrary code on your website, 1.
5, access to important data, such as your password.
3, the administrator account password is too simple.
9, backdoor. So even if you repair the defects that hackers can enter your website.
8, on your website, this post is only visible to the search engine, and is oriented to the hacker’s site.
is a very important reason is that you are a thing of the past, such as the WordPress core program, plug-ins, themes. This is why there are so many related services to upgrade easier. The WP remote and InfitniteWP is two free and good service.
WordPress is indeed a very good platform, has a wealth of third party plugins and themes, but also to bloggers and readers with great experience. However, if you do not pay attention to the website security, your blog will soon become a hacker in the eyes of the sweet cake. In this paper, we will discuss about the security risks of WordPress and some countermeasures.
in WordPress 3.X, a known vulnerability has 30.
7, cross site falsified records (CSRF).
10, PHP in your core code and theme file with some encryption code.
Create a hidden post
if you are running a vulnerable WordPress, hackers can destroy the following:
3, lead to access (the site to crash, CPU and bandwidth overload).
vulnerability information obtained