Why you should check WordPress sites you have migrated with the Duplicator plugin right now

WordPress Plugin Duplicator: Logo

If you’ve used the popular Duplicator plugin to migrate a WordPress site, it is time to check that installation right now. The reason is simple: files from the migration process may still be on the server, and there is currently a growing number of scans by attackers looking for exactly these files.

No vulnerable code has been found in the Duplicator plugin itself. The problem is that migrating or restoring a backed-up copy of a WordPress site with Duplicator creates two critical files, and not all users remove them afterwards as they should.

Migrating or backing up a WordPress site with Duplicator generates two files:

  • an archived .zip file
  • installer.php.

By visiting installer.php, the admin can restore all files and the WordPress database. Once the restore is done, installer.php and installer-backup.php remain reachable on the web server and can be run again by anyone who finds them: they can be reused to inject malicious PHP code into the wp-config.php file. An attacker who finds these scripts can therefore execute arbitrary code on the server and take it over.

Steps to take:

  • Update the WordPress Duplicator plugin to version 1.2.42 or newer.
  • A new optional setting lets you password-protect the installer scripts. Use this option.
  • Always remove the remaining Duplicator files (installer.php, installer-backup.php and the archive .zip) from the server after a restore.
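The following script, added here as an example and not part of Duplicator or the original post, turns the last step into something you can run against a document root: it lists leftover Duplicator artifacts, counts how often your access log shows requests for them (a sign that scanners have already found the site), and removes the leftovers. The file and directory names it looks for (installer.php, installer-backup.php, *_archive.zip, dup-installer/), the combined-format log layout and the sample log lines are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example: check a WordPress document root for Duplicator leftovers.
# Not part of the Duplicator plugin; artifact names are assumptions based on
# the Duplicator workflow (installer.php, installer-backup.php, the
# *_archive.zip package and the dup-installer/ directory).

# List leftover Duplicator files/directories, at most two levels deep.
find_dup_leftovers() {
  docroot="$1"
  find "$docroot" -maxdepth 2 \( \
      -name 'installer.php' -o \
      -name 'installer-backup.php' -o \
      -name '*_archive.zip' -o \
      -name 'dup-installer' \) 2>/dev/null | sort
}

# Number of leftovers found (plain integer, no padding).
count_dup_leftovers() {
  find_dup_leftovers "$1" | wc -l | tr -d ' '
}

# Count requests for installer scripts or the archive in a combined-format
# access log (assumed layout: client - - [date] "METHOD /path HTTP/x" status).
count_installer_probes() {
  logfile="$1"
  grep -cE '"(GET|POST) [^" ]*(installer(-backup)?\.php|_archive\.zip)' "$logfile" || true
}

# Delete everything find_dup_leftovers reports. Run this only after the
# migration has been verified and the archive is stored off the web root.
remove_dup_leftovers() {
  docroot="$1"
  find_dup_leftovers "$docroot" | while IFS= read -r f; do
    rm -rf -- "$f"
  done
}

# Stand-alone demo on a constructed document root and a constructed log.
demo_dir=$(mktemp -d)
touch "$demo_dir/index.php" "$demo_dir/installer.php" \
      "$demo_dir/installer-backup.php" \
      "$demo_dir/20180621_example_1a2b3c_archive.zip"
cat > "$demo_dir/access.log" <<'EOF'
203.0.113.5 - - [21/Jun/2018:10:00:01 +0000] "GET /installer.php HTTP/1.1" 200 5120
203.0.113.5 - - [21/Jun/2018:10:00:02 +0000] "GET /installer-backup.php HTTP/1.1" 200 5120
198.51.100.9 - - [21/Jun/2018:10:01:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2048
198.51.100.9 - - [21/Jun/2018:10:01:05 +0000] "GET /index.php HTTP/1.1" 200 8192
EOF
echo "Leftovers in $demo_dir:"
find_dup_leftovers "$demo_dir"
echo "Installer probes in access log: $(count_installer_probes "$demo_dir/access.log")"
remove_dup_leftovers "$demo_dir"
echo "Leftovers after cleanup: $(count_dup_leftovers "$demo_dir")"
rm -rf -- "$demo_dir"
```

On a real site, run `find_dup_leftovers /var/www/html` (or whatever your document root is) and `count_installer_probes /var/log/apache2/access.log`; a non-zero probe count on a site that still has the files means you should assume the installer may already have been re-run and review wp-config.php.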

WordPress Duplicator: The installer

Always remember that removing temporary installation and migration files is an absolute must. Leaving them on your server exposes it to attacks.

Bernhard worked as a tech editor for 10 years, then became a communications specialist. In 2011, he founded his own agency, Lots of Ways. He has been blogging and working with WordPress since 2006.
