via ithemes.com => original post link
If your WordPress website’s login form is its front door, what is a website backdoor? As you might guess, it’s a way to get in without using the front door. You never want anyone to be able to do this! Unfortunately, cyberattackers often are successful at creating backdoors on sites they’ve breached. This allows them to keep coming back and doing more damage over time.
Attackers Will Keep Coming Through a Backdoor Until It’s Gone
Try to imagine for a moment that twelve months from now, your website has become so successful that your profits have doubled, and you’re finally getting some positive traction in your business. Suddenly all that momentum comes to a screeching halt when a hacker breaks in and installs a backdoor on your website. You think you’ve secured it, and then they’re back — adding spam links and malicious redirects, stealing sensitive customer data, or using your site for phishing to trick visitors into revealing their passwords.