Importance of Securing your WordPress Site
WordPress is now one of the most popular blogging platforms in the world, powering around 700 million websites. Naturally, this means that it has come under attack from hackers and other cybercrooks.
This month has not only seen a massive botnet attacking WordPress, but two of its biggest caching plugins, WP Super Cache and W3TC, have also been classified as having serious vulnerabilities. These allow remote code execution, letting an attacker run commands on the target machine.
The main problem with these plugins, which speed up a WordPress site, is that they have a huge number of users who may not necessarily update them, even though a new version has already been issued by the developers. The newest versions disable the vulnerable functions of the plugins by default.
Anyone using these two plugins should update them immediately in order to protect their site. However, it’s thought that the problem with sites using the plugins will only affect those that have comments enabled.
If this wasn’t bad enough for WordPress users, the botnet presents an even bigger risk.
A botnet is a network of computers, often known as drones or zombies, which are controlled by a hacker or cybercriminal with malicious intent via a Command and Control server.
It’s thought that this particular botnet is made up of more than 90,000 web servers, rather than home PCs, and carries out ‘brute force’ attacks that guess passwords. As many sites use the default ‘admin’ username in order to update WordPress sites, this has been made easier for the hackers.
Once the hacker has gained access to the site, he is then able to control it remotely via a backdoor, which persists even if the username and password are changed after the attack.
The site is then added to the botnet and used to carry out attacks on other WordPress sites. These are password-guessing attacks: targets are found by scanning the net for WP installations, and the bot then attempts to log in to the backend of each site using a list of around 1000 commonly used username and password combinations.
HostGator say Botnet Attacks all Web Hosts
According to US-based web host HostGator, more than 90,000 sites are now infected, and CloudFlare CEO Matthew Prince says that the tactics used in the attack are similar to those used in the recent cyberattacks on US banks.
“One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” Prince wrote. “These larger machines can cause much more damage in DDoS attacks because the servers have large network connections and are capable of generating significant amounts of traffic.”
In order to avoid becoming affected by the attack, it’s recommended that webmasters and site owners change usernames from the default ‘admin’ and remove any unfamiliar usernames, as well as changing passwords for all users.
WordPress itself advises that users consult its security guidelines and use complex passwords which include letters, numbers and special characters. It’s also possible to restrict admin access so that it’s only possible to log in from an approved IP address.
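The brute-force behaviour described above (repeated login attempts against the backend from a botnet) and the IP-restriction advice in this section can both be checked from the web server's access log. The following is an added example, not code from the original post or from WordPress, written in Python against a few constructed Apache-style log lines. It assumes the common WordPress behaviour that a failed login POST to wp-login.php is answered with HTTP 200 (the form is shown again) while a successful one is answered with a 302 redirect; the threshold, window and allowlist values are illustrative.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Apache "combined" access-log format; the regex is a simplification that
# captures only the fields this example needs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return a dict for one access-log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]   # drop any query string
    return rec


def find_bruteforce(lines, threshold=10, window=timedelta(minutes=5)):
    """
    Flag source IPs that send at least `threshold` failed POSTs to
    /wp-login.php within `window`. Assumption: a failed login returns 200,
    a successful one returns 302. A 302 after the burst is reported as
    `succeeded_after`, i.e. the guessing may have worked and the site
    should be treated as compromised (backdoor check, key rotation).
    Returns {ip: {"failed": n, "succeeded_after": bool}}.
    """
    posts = defaultdict(list)   # ip -> list of (timestamp, status)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and rec["path"] == "/wp-login.php":
            posts[rec["ip"]].append((rec["ts"], rec["status"]))
    findings = {}
    for ip, events in posts.items():
        events.sort()
        failures = [ts for ts, st in events if st == 200]
        # sliding window: do `threshold` consecutive failures fit inside `window`?
        burst = any(failures[i + threshold - 1] - failures[i] <= window
                    for i in range(len(failures) - threshold + 1))
        if burst:
            last_fail = failures[-1]
            success = any(st == 302 and ts >= last_fail for ts, st in events)
            findings[ip] = {"failed": len(failures), "succeeded_after": success}
    return findings


def admin_hits_outside_allowlist(lines, allowlist):
    """Return IPs that reached /wp-admin or /wp-login.php from outside the
    allowlisted CIDR ranges (the "approved IP address" policy)."""
    nets = [ip_network(n) for n in allowlist]
    offenders = set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["path"].startswith("/wp-admin") or rec["path"] == "/wp-login.php":
            if not any(ip_address(rec["ip"]) in net for net in nets):
                offenders.add(rec["ip"])
    return sorted(offenders)


def _line(ip, ts, method, path, status):
    """Build one constructed combined-format log line (sample data, not real traffic)."""
    return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} 1234 "-" "Mozilla/5.0"'


# Constructed sample log: 203.0.113.5 fails twelve times in twelve seconds,
# then gets a redirect and reaches wp-admin; 198.51.100.7 is a normal login
# from the allowlisted office range; 192.0.2.10 only reads a post.
SAMPLE_LOG = [_line("203.0.113.5", f"12/Apr/2013:10:00:{s:02d} +0000", "POST", "/wp-login.php", 200)
              for s in range(12)]
SAMPLE_LOG += [
    _line("203.0.113.5", "12/Apr/2013:10:00:12 +0000", "POST", "/wp-login.php", 302),
    _line("203.0.113.5", "12/Apr/2013:10:00:13 +0000", "GET", "/wp-admin/", 200),
    _line("198.51.100.7", "12/Apr/2013:10:01:00 +0000", "POST", "/wp-login.php", 200),
    _line("198.51.100.7", "12/Apr/2013:10:01:05 +0000", "POST", "/wp-login.php", 302),
    _line("192.0.2.10", "12/Apr/2013:10:02:00 +0000", "GET", "/?p=1", 200),
]
OFFICE_ALLOWLIST = ["198.51.100.0/24"]   # assumed approved range for admin access

if __name__ == "__main__":
    print("brute-force sources:", find_bruteforce(SAMPLE_LOG))
    print("admin access outside allowlist:", admin_hits_outside_allowlist(SAMPLE_LOG, OFFICE_ALLOWLIST))
```

Run against a real log, the first function gives a list of sources to block (or to rate-limit at the web server), and a `succeeded_after` hit is the cue to treat the site as compromised rather than merely attacked. The second function is a cheap way to verify that an IP restriction on the admin area is actually being enforced.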
Securing your site
As well as carrying out the above, WordPress site owners should also change the secret keys in their installation, which will stop access for rogue users, and ensure that they have the latest version of WP installed.
It’s a good idea to make sure that the entire site is backed up when updating the WP installation as sometimes problems can occur with plugin compatibility.
Plugins should also be fully updated, and it’s wise to have a good clean-up and get rid of unwanted themes and plugins.
If you suspect that your site is infected with malware, it’s a good idea to have a web professional look at it in order to determine the best way to clean it up.
MySocialAgency is a Leeds and London based digital marketing agency. Get in touch today to learn more about our services.