Attacks on WordPress Sites: Is Your WordPress Site Secure?

Attacks on WordPress Sites: Is Your WordPress Site Secure?

A few weeks ago, I read an article in the BBC that detailed a massive attack on WordPress sites. Security vulnerability discovered by WordPress security firm Sucuri and made known to WordPress left tens of thousands of WordPress sites vulnerable to attack. A patch was made, a notice was sent, but still, in the aftermath of it all, more than 1.5 million WordPress pages were altered and defaced as a result. Bloggers lost content, businesses lost potential revenue; it was a bad day for anyone using WordPress but here is the thing, it was completely avoidable.

So how could all this happen? WordPress is such a big organization, surely they can protect against attacks of this magnitude?

Well, yes and no. WordPress being such a widely used framework is a double-edged sword; millions of users mean lots of support, yes, but it also means there is much more opportunity to be had by hackers and spammers. WordPress does what it can but as weve seen, in time, they will leave a door open for security threats.

Although WordPress issued a patch quickly and sent out a notice, a large part of their users simply did not update their frameworks to implement the patch, thus leaving the vulnerability wide open for many users and sites.

So this brings us to the question: Is your WordPress site secure?

What are you doing to ensure the security of your WordPress site?

  • Is your hosting environment secure and clean?
  • Do you know what your hosting environment is like?
  • Are you regularly updating your site and plugins and backing up content?
  • Are you monitoring your site for security breaches?

This isn’t an article about how to secure your site from attacks; there are thousands of articles like that out there and weve discussed it in length as well. This is just a reminder that site security is a real thing and if left to wishful thinking, can have visceral impacts on your online business and site.

And if youre wondering, yes, we take care of all of these security issues for our customers. We host on a private secure environment, we monitor all of our sites, we provide sites backups, updates on all plugins and frameworks, and we provide SSL certificates and clean hacked sites. So yes, we do all of this.

This isnt a sales pitch, however. This is a reminder for you.

If youre not addressing all avenues of possible security breaches to your site, you should be. Its super simple to take very basic precautions that can literally save you thousands of dollars. I cant emphasize how easy and simple these basic steps are.

The energy required in addressing security is basically negligible but will save you so much time and money.

So let this be a reminder. Take site security seriously and do it yourself or hire someone like Luminous Blogging to take care of it for you. Either way, youll be happy you did and youll save yourself money and stress in the future.