{"id":35223,"date":"2021-11-16T09:00:00","date_gmt":"2021-11-16T01:00:00","guid":{"rendered":"https:\/\/www.casbay.com\/blog\/?p=35223"},"modified":"2022-09-22T18:11:37","modified_gmt":"2022-09-22T10:11:37","slug":"what-is-a-wordpress-security-scan","status":"publish","type":"post","link":"https:\/\/www.casbay.com\/blog\/tips-sharing\/what-is-a-wordpress-security-scan","title":{"rendered":"What is a WordPress Security Scan?"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"35223\" class=\"elementor elementor-35223\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-bb5215a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"bb5215a\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-e614734\" data-id=\"e614734\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e1ca39f elementor-widget elementor-widget-text-editor\" data-id=\"e1ca39f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The WordPress security scanner is a plug-in that can be installed directly on your website. WordPress Security Scanner checks the application security, <a href=\"https:\/\/www.casbay.com\/blog\/tips-sharing\/what-are-wordpress-plugins-and-how-do-they-work\">WordPress plugins<\/a>, hosting environment and web server. This type of security plug-in scans your core files and all pages of your website to see if you can find security vulnerabilities. Most security vulnerabilities are difficult to find because you cannot see them. In most cases, website owners do not realize a security breach until hackers, malware, and other malicious activities take advantage of it or run a security scanner.<\/span><\/p><p><span style=\"font-weight: 400;\">The basic security check will check for common security-related misconfigurations in the WordPress installation. Testing with the basic check option will use regular web requests. The system downloads a small number of pages from the target site, and then performs analysis on the generated HTML source.<\/span><\/p><p><span style=\"font-weight: 400;\">The more aggressive enumeration option tries to find all the plugins\/themes used in the WordPress installation and tries to enumerate the users of the site. These tests will generate HTTP 404 errors in the web server logs of the target site. <\/span><\/p><p><span style=\"font-weight: 400;\"><strong><span style=\"color: #ff0000;\">Warning:<\/span><\/strong> If you test all plugins, this will generate more than 18,000 log entries and may trigger intrusion prevention measures.<\/span><\/p><p><span style=\"font-weight: 400;\">When determining all the plugins, themes, and users of a website, you begin to understand the attack surface. With this information, you can perform further tests on the discovered resources.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-346c93a elementor-widget elementor-widget-heading\" data-id=\"346c93a\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Why is WordPress Security Scans important?<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fc08052 elementor-widget elementor-widget-heading\" data-id=\"fc08052\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">1. Prevent personal information from stolen<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-51d974c elementor-widget elementor-widget-text-editor\" data-id=\"51d974c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Hackers can obtain enough personal information from your website to impersonate you when needed. The WordPress website collects personal information such as your name and email address. The hosting website collects more information, including payment details. Some commercial websites collect sensitive data from customers, so they become important targets for hackers. If your sales go down, losing this information may cause your business to close down because people lose confidence in your store.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9709119 elementor-widget elementor-widget-heading\" data-id=\"9709119\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">2. Vandalism<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-305cf10 elementor-widget elementor-widget-text-editor\" data-id=\"305cf10\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Some hackers are stealing information, but others are causing trouble to website owners without their knowledge. Skilled hackers can visit your website without being seen and can make changes to the website. For example, they can change your product description or replace posts with inappropriate content that might attract customers.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ae9529d elementor-widget elementor-widget-heading\" data-id=\"ae9529d\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">3. Stealing Your Bandwidth<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-94d7360 elementor-widget elementor-widget-text-editor\" data-id=\"94d7360\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Since most hosting accounts charge additional website traffic and bandwidth fees, hackers can try to use your website to send hidden data, so there is no need to pay for it. This may cost you money and cause your website to be suspended. If this happens, you must jump over many obstacles to get it back online. You can avoid all these problems by using the WordPress security scanner to find and close vulnerabilities in your website before they occur.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-259e154 elementor-widget elementor-widget-text-editor\" data-id=\"259e154\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Feel free to check out this article about security tips for <a href=\"https:\/\/www.casbay.com\/blog\/tips-sharing\/tips-to-secure-your-site-from-digital-treats\">WordPress Security<\/a> Plugins, or you can visit our <a href=\"https:\/\/www.casbay.com\/blog\">Casbay Blog<\/a> or <a href=\"https:\/\/www.casbay.com\/guide\">Knowledge Base.<\/a><\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The WordPress security scanner is a plug-in that can be installed directly on your website. WordPress Security Scanner checks the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35231,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":"","_wpscppro_custom_social_share_image":0},"categories":[89],"tags":[99],"_links":{"self":[{"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/posts\/35223"}],"collection":[{"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/comments?post=35223"}],"version-history":[{"count":5,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/posts\/35223\/revisions"}],"predecessor-version":[{"id":35232,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/posts\/35223\/revisions\/35232"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/media\/35231"}],"wp:attachment":[{"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/media?parent=35223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/categories?post=35223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.casbay.com\/blog\/wp-json\/wp\/v2\/tags?post=35223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}