WordPress Security Tips
WordPress is one of the most popular open source software packages used by website owners globally. Its $0 price tag drives the success of this application among the internet community, however its Open Source nature additionally drives a huge community of Hackers to exploit the software by finding vulnerabilities in the code of the application. Website hacking is a huge business and has been on the rise, as organised crime around the world has started to fund a lot of the hacker activity over the last few years. WordPress posts updates and patches to their software on a regular basis, which are required to be installed by the website owner. All website owners should bookmark the wordpress.org website and regularly check for updates and announcements.The purpose of the hackers attempts to exploit websites include but are not limited to:
- Setting up a Phishing website for banks and other financial institutions to acquire login details belonging to individuals and companies
- Setting up a Phishing website for organisations holding sensitive data of individuals and companies for Identity Theft or other malicious reasons
- Installation of Malware and Trojans on visitors computers
- Establishing access to visitors computers to acquire saved form data (credit card details)
- Establishing access to visitors computers email software to mass mailout SPAM email messages
- Installing scripts that attempt to execute server commands to the detriment of server stability
- Acquiring sensitive data stored on the website database or inside web files (e.g. credit card details if not purged correctly)
- Acquiring access to website email services to send unsolicited SPAM email messages
- Defacing website content
We urge all WordPress users to patch/upgrade WordPress as well as all installed plugins to the latest stable released versions on the wordpress.org website.
Updated 4 months ago