Why Are There So Many WordPress Attacks?
Why are there so many WordPress attacks? Every month or two there are headlines about large-scale attacks on WordPress sites, and if your business runs on WordPress those headlines cause quite a bit of panic: did my site get breached? Website development companies receive a tremendous number of emails after each large-scale attack asking why this happens so often and what to do about it.
So let’s discuss it.
The WordPress phenomenon
The simple reason that WordPress is in the news so often is the popularity of the platform. If it were not such a phenomenon in the industry it would not be attacked so regularly.
As far as content management systems (CMS) go, WordPress has about 60% of the market. Approximately 500 new WordPress sites are created each day, and by most estimates WordPress powers about one-quarter of the web.
If you look at hacking like any other type of business venture it makes perfect sense as to why so many hackers focus on WordPress; it is the biggest customer in the marketplace.
REST API Vulnerability
The most recent wave of attacks targets the WordPress REST API, which was added and enabled by default in WordPress 4.7.0. The flaw in 4.7.0 and 4.7.1 let an unauthenticated attacker modify the content of existing posts. On its own that is content injection, and it was rated a severe risk for that reason alone; it becomes remote code execution (RCE) on sites that run a plugin which executes PHP placed in post content, because the injected post then works as a backdoor.
Some of the attacks have simply defaced sites. That is disruptive, but it is the least concerning outcome. Many experts expect attackers to move on to exploitation that makes them money, for example injecting ads, affiliate links or spam SEO content into compromised posts.
Done across enough sites, that yields a short-term payoff before the site owners notice the compromise, which can take weeks or even months.
Should I not use WordPress?
WordPress is extremely popular for a lot of reasons; the most prominent is that as a content management system it is the best on the market. It is available in 56 languages. There are also over 40,000 plugins, which, while they raise security concerns of their own, give you a very high level of customization.
If you are using WordPress then you should keep doing so but make sure you include some level of protection for your site. For those who are deciding on a CMS, there is no reason not to choose WordPress. Again, you just need to be mindful of your internet security – which you should be doing regardless of the platform you use.
How can I protect my site?
First things first: update to WordPress 4.7.2 now. That release closes the REST API flaw described above. WordPress applies minor security releases like this one automatically unless background updates have been disabled, so check the installed version rather than assuming it happened. Beyond that, a web maintenance plan typically covers security updates, plugin installation and bug fixes on an ongoing basis.
Disable or remove plugins that execute PHP placed directly in posts; they are what turn the content-injection flaw into code execution. A web application firewall that supports virtual hardening (also called virtual patching) can block the malicious requests before they reach WordPress, which buys time on sites that cannot update immediately.
Finally, be selective about plugins. Install them only from reputable sources, prefer ones that are actively maintained, and review them before installation.
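One way to apply the "require a login" rule inside WordPress itself, as an added example that is not code from the original post or from WordPress core: a must-use plugin that hooks the REST API's authentication check and rejects any write request (anything other than GET, HEAD or OPTIONS) from a visitor who is not logged in, logging the attempt so probing shows up in the PHP error log. The file path, the `llz_` function prefix and the error code string are assumptions chosen for this example; the `rest_authentication_errors` filter, the `_method` and `X-HTTP-Method-Override` overrides and the priority of core's cookie check are WordPress behaviour.

```php
<?php
/**
 * Plugin Name: Block anonymous REST API writes (added hardening example)
 * Description: Defence in depth for the 4.7.0/4.7.1 REST API flaw; updating
 *              to 4.7.2 is still the real fix.
 *
 * Added example, not code from the original post or from WordPress core.
 * Assumed install path: wp-content/mu-plugins/block-anon-rest-writes.php
 */

/**
 * Resolve the HTTP method actually in effect for this REST request.
 *
 * WordPress lets a client override the method with a `_method` query
 * parameter or an X-HTTP-Method-Override header, so a check on
 * REQUEST_METHOD alone would wave through a GET that carries an override
 * to PUT or POST. All three sources are consulted, in the order core uses.
 */
function llz_effective_rest_method() {
    $method = isset( $_SERVER['REQUEST_METHOD'] )
        ? strtoupper( (string) $_SERVER['REQUEST_METHOD'] )
        : 'GET';

    if ( isset( $_GET['_method'] ) ) {
        $method = strtoupper( (string) $_GET['_method'] );
    } elseif ( isset( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ) ) {
        $method = strtoupper( (string) $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] );
    }

    return $method;
}

/** Anything that is not a plain read counts as a write. */
function llz_is_rest_write( $method ) {
    return ! in_array( $method, array( 'GET', 'HEAD', 'OPTIONS' ), true );
}

/**
 * Runs at priority 101, i.e. after core's cookie/nonce check
 * (rest_cookie_check_errors, priority 100). That check downgrades a
 * cookie-only request without a valid nonce to user 0, so by the time this
 * filter runs is_user_logged_in() reflects the nonce outcome rather than
 * the raw session cookie.
 */
add_filter( 'rest_authentication_errors', function ( $result ) {
    // An earlier handler already rejected the request; keep its error.
    if ( is_wp_error( $result ) ) {
        return $result;
    }

    $method = llz_effective_rest_method();

    if ( llz_is_rest_write( $method ) && ! is_user_logged_in() ) {
        $ip  = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
        $uri = isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '';

        // Recorded for detection: repeated hits here are someone probing.
        error_log( sprintf( 'Blocked anonymous REST %s from %s to %s', $method, $ip, $uri ) );

        return new WP_Error(
            'llz_rest_anonymous_write_forbidden',
            'You must be logged in to modify content through the REST API.',
            array( 'status' => 401 )
        );
    }

    // Reads, and writes by logged-in users, proceed to the normal
    // capability checks of the endpoint.
    return $result;
}, 101 );
```

Files in wp-content/mu-plugins load automatically and cannot be deactivated from the dashboard, which is why the rule is placed there rather than in a regular plugin. Anonymous reads still work, so themes and plugins that fetch content through the API are unaffected; anything that writes through the API without logging in, such as a contact form that posts to a custom REST route, will be blocked and needs an exception. To refuse all anonymous REST traffic instead, drop the `llz_is_rest_write` condition.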
The bottom line is that any site can be attacked, and even breached, if the attacker finds something exploitable and has enough knowledge, skill and computing power to cause a breach. There are so many WordPress attacks because of the popularity of the platform: if you can break into one site you can likely break into hundreds more, which makes it an inviting target. Much like protecting a home from burglars, you need to regularly assess and review your exposure and then take adequate steps to keep your house as safe as possible.
Be sure to check back every Monday, Wednesday and Friday for great new Lounge Lizard blog articles.