Your WordPress Website is Under Attack!

How Hackers Access Your WordPress Website

Ok this is a bit of a generic statement however it is collectively true. Hackers are looking to enter your WordPress website and make a mess of things. In a recent study by the WordPress security company Wordfence, they discovered that most hacks are done in 2 ways, plugin vulnerabilities or brute force attacks. Though there were 13 different known entry points from hacks found in this survey the top two hack entry points account for about 70% of all that were studied.

Plugin vulnerabilities can be any number of things and too numerous to try to list. The easiest remedy for this is to make sure your plugins are currently supported by the developer and that they are up to date. Brute force attacks are essentially when a computer program tries to guess your username and password to gain entry. The easiest fix for brute force attacks are to have a 2 factor authentication method. Two factor authentication methods require you to enter a code sent to your cell phone in order to log in. We also recommend placing the website behind a web application firewall that will prevent many attacks from even starting.

 

wordpress_website_how_compromised

Image/Case study by Wordfence

 

The Truth About Your WordPress Website

I am a web designer in Metairie La and when I consult with clients about their WordPress website I always discuss security and preventive measures. Every so often I get clients who have heard rumors of WordPress being “unsafe” or easily hacked. The fact is, WordPress is a safe platform to run your website on when properly maintained. Any website will be vulnerable if unmanaged for long periods of time however since WordPress frameworks make up the majority of all websites globally (about 25%) they seem to be hit the hardest.

The fact is, you would not expect your car to run if you did not change the oil every few months, so why would you expect anything else to do so? WordPress websites need a small amount of TLC in order to remain safe. I recommend to clients to check for updates [and implement them] every month. In the very least, update your website when you get your oil changed!

We welcome comments, questions or feedback so do not hesitate to comment or hit us up to discuss your questions.

 

Study Performed by Wordfence a WordPress security service

How Hackers Gain Access to a WordPress Website – Case Study/Article – Wordfence