How to Remove TimThumb Hack From WordPress Website?
Developers who have been involved in the WordPress community for many years must have heard of the TimThumb. It’s a PHP script that resizes thumbnail images that you can display on your site.
TimThumb was massively popular so much so that a number of themes had it bundled with their offering. But it exhibited a vulnerability that allowed for millions of WordPress sites to get hacked. Even today, we see hacks because of it.
If you are wondering whether your site is affected by TimThumb vulnerability then you can scan your website to find out. In this article, we’ll show how to scan your website and clean it if your site is hacked.
TL;DR: If you think that your website is already compromised and you want to clean it immediately, then install our WordPress malware removal plugin. It’ll clean your website and take steps to ensure that your site is being protected from future hack attempts.
What is a TimThumb Exploit?
TimThumb is a PHP script that lets users import images from image-hosting websites (like flickr.com and imgur.com) and edit them on the fly, especially to make thumbnails.
TimThumb had a list of trusted websites and only those images from those websites were retrieved. However, unknown to the developers there was a major vulnerability in this process. WordPress TimThumb only checked if the image URL matches with those websites. It didn’t verify if the image files actually came from those locations.
For instance, ‘imgur.com’ is a whitelisted website but the vulnerability can fool you to retrieve files from bad websites like ‘imgur.com.badsite.com.’
The bad sites can upload malicious files into your website which will enable hackers to access your site. That’s how TimThumb hack compromises your website.
Although this security issue was fixed, TimThumb still experienced security exploits over the years. Eventually, the developers of the TimThumb script abandoned it. Most themes using the script released a fix so that their software could work without TimThumb.
There are many themes that could be using TimThumb for resizing images. If your theme is still using TimThumb then your website is in danger. We’d strongly suggest you scan your website immediately to find out if your website is compromised.
If the themes installed on your website still use TimThumb which leads to your site being compromised, we suggest that you clean your website immediately. But if you don’t know whether your themes use TimThumb then we suggest, you scan your website immediately.To learn if TimThumb vulnerability has left your website at risk, you need to run a complete malware scan. Click To Tweet
How to Scan & Remove TimThumb WordPress Hack
You can scan your site for a TimThumb hack manually or by using a plugin. We recommend avoiding the manual method because it’s time-consuming and small mistakes that lead to big disasters like broken websites. However, if you’d still like to know the process then you can read our extensive guide on How to Clean a Hacked Site?
We strongly recommend using a WordPress security plugin to clean the hack and remove the TimThumb vulnerability.
But we know that picking a good plugin is difficult given that there are so many options available.
Worry not! We have just the right plugin for you – the MalCare Security Plugin. We recommend it to remove any kind of hack including TimThumb. Here’s why:
- MalCare comes with a scanner built to scan your entire website. That includes files and databases. While many plugins only look into places where malware is generally found, MalCare goes beyond that. It looks into every nook and corner of your website and that’s how it detects malware that other plugins fail to find.
- The plugin hunts down every kind of malware, the known ones as well as the unknown ones. It checks the behavior of the code to find malicious codes and flag them as malware. This reduces the chances of false positives.
- Delay in cleanups can cause Google blacklisting and web host suspension. Given that time is of the essence when a website is hacked, MalCare enables you to clean your website under a few minutes.
Now that we’ve seen the highlights of MalCare Security Plugin, we can begin to clean your website. Now, let’s clean your website with the plugin.
Remove WordPress TimThumb Hack With MalCare Security Plugin
1. Install the plugin into your website and then add your website to the MalCare dashboard.
2. MalCare will start scanning your website immediately. It’ll show you how many malicious files and tables were found.
3. To remove the malware, click on the Auto-Clean button. It’ll take a few minutes for MalCare to clean your website.
That’s it, folks. Your website is now clean.TimThumb hacks are caused due to a vulnerability. Remove the vulnerability to ensure the isn't compromised again Click To Tweet
Post Malware Removal Measure
MalCare will clean your site and remove every trace of malware. But you still need to fix TimThumb vulnerability. This will ensure your website isn’t compromised again.
We’ll show you how to remove the vulnerability.
TimThumb vulnerabilities are present in a plugin or theme. It’s a very popular security vulnerability hence any responsible plugin or theme developer would have released a patch to remove the vulnerability from the software. You can implement the patch by updating the theme or plugin.
Log into your WordPress website and execute all pending updates including inactive and custom themes and plugins (recommended read – WordPress security updates).
Then we recommend following implementing hardening measures to protect your website from future hack attempts. To help you out, we wrote a step-by-step guide on how to take website hardening measures.
TimThumb enabled websites to automatically resize images based on the device being used. But without TimThumb, how do you get this feature on your site?
Lucky for us, WordPress does this automatically. Image resizing is now a native WordPress feature.
When you upload an image, it resizes itself and serves the correct image size according to the device. Moreover, when you upload a featured image for a post or a page, it auto-generates a thumbnail size. The thumbnail is what you see when you visit the Blog page (see image below) of any website.
Take, for instance, our MalCare’s Blog page where you can see the thumbnails of recently published blogs.
Hence, there is no need to find an alternative to TimThumb.
The TimThumb hack has affected millions of sites and continues to cause havoc to the site even now. The TimThumb hack is just one of the many hack attempts made on your website on a daily basis. To combat hack attacks, we recommend having a security plugin like MalCare active on your site.
MalCare is easy to set up and it scans your website automatically on a daily basis. It comes with a firewall to block malicious traffics and protects your login page from brute force attacks.
Use MalCare Security Plugin to Protect Your Website 24 x 7
Sufia is a WordPress enthusiast, and enjoys sharing their experience with fellow enthusiasts. On the MalCare blog, Sufia distils the wisdom gained from building plugins to solve security issues that admins face.