GDPR Vulnerability and how to fix your hacked website with this issue – Nov 2018

On November 9th, a flaw was discovered in the code of the WP GDPR Compliance plugin for WordPress (with over 100,000 installations).

The attack that hit some of our clients and thousands of other sites on the internet came in two variants in the wild.

  • One bot that hit websites only added a redirect script that changed the URL of the WordPress installation to point to a Romanian political website.
  • Another variant created new admin users, uploaded files, changed pages and more on the sites it infected.
  • You will need to identify whether new files have been uploaded to your website or new users have been created that should not be there, and remove them.
  • Signs of infection mainly consist of the website not loading, not loading properly, or possibly redirecting visitors to erealitatea (dot) net.

(Source)

Simply editing the DB entries for these Site URL values and uploading all related plugins was the solution. Additionally, we installed Wordfence on every one of the affected sites, as it was reported, and observed by Sneaker, that sites with the free WordPress security plugin were not affected by the bot. Wordfence has built-in firewall protection that works great with WordPress.

In the past we have only used Wordfence on a few of our client sites because of how resource-intensive it is and how much memory it uses on a server. When Wordfence scans the website for changes, infections and more (an excellent feature), it can, and typically does, slow down website responsiveness.

Previously our go-to security plugin was iThemes, which has another set of excellent features but no firewall. This issue popping up was enough to make us change our number one recommended free security plugin to Wordfence for our clients.

Additional protection is recommended on e-commerce websites, and at this time we are introducing some of our clients to Cloudflare.com, a CDN with a built-in, one-click-install front-end firewall for WordPress.

For these and other recommendations for your WordPress website – please read our post on Top 10 recommended WordPress plugins. 

For help in fixing your site from this bot attack, or with other WordPress or software needs, please contact us to find out how we can help you today!

Joseph Dispensa
Joseph has been working in Internet Technology in various aspects since 1994. He has traveled in Europe helping many organizations improve their technical reach and ability and firmly believes that technology can benefit any company when applied correctly.
