WordPress under attack (again)!

WordFence – creators of one of the most widely used WordPress security plugins have reported a dramatic spike in attacks on WordPress based websites. This reflects our own findings here at QD Design based on data gathered from the access logs of the various sites we manage on behalf of customers.

WordFence believe the increase is around 30 times the usual volume of website attacks.

Website attacks are, sadly, nothing new. From the earliest days of plain html sites uploaded via creaky File Transfer Programs, ‘bad actors’ have tried to break into other peoples websites.

The popularity of WordPress as a development platform for websites means that it attracts more than its fair share of attacks. Automattic (the people behind WordPress), reckon it is used on around 30% of all websites globally. With that level of usage, it is no wonder that cyber criminals focus upon it (and in particular any known weaknesses within the WordPress environment).

The current threat aims to exploit these vulnerabilities to inject a block of code into a site with the ultimate aim of giving the cyber criminal access and control of the site. With access they could remove your content, replace it with their own or gather data on your membership (should your site have such a feature).

The weaknesses they are trying to exploit are, in the main, well known and in many cases had patches published some time ago.

What to do?

  1. Don’t get too alarmed; website attacks occur all the time (though this current level is considerably higher than normal).
  2. Most importantly – keep your site up to date. The core WordPress file system, the Themes, and any Plugins all need keeping up to date. Updates are pushed out when vulnerabilities are discovered and leaving key components of your website unpatched is opening your site to increased risk of being compromised.
  3. Remove any unused Themes or Plugins. Keeping a stack of old, unused (and probably unpatched) files adds to the clutter in your admin panel. Amongst those deactivated plugins could be one that has been deleted from the WordPress repository because it is a severe security risk. This may be providing an easy ‘back door’ to your site, without you even realising it.
  4. If you don’t use a WordPress security plugin and firewall, it might be time to actively consider it. WordFence (and no I make nothing out of recommending them) make a truly effective plugin that is easy to set up and use.
  5. Consider whether restricting the access to your site by geo-location might give you an enhanced level of protection. The IP addresses of the attacks we have been following can in many cases be traced back to countries well outwith Europe. To be frank, they are exactly the sort of countries you would expect a cyber attack to originate from. If your site provides information and services to an exclusively UK audience, blocking visitors from some of the less desirable locations would prevent them from even accessing the site to try and attack it.

 

If you have concerns over your WordPress site, have noted activity you are unsure of or need to strengthen your sites security, QD Design can help. Call us on 07718 589338 to discuss any issues you are having or improvements you would like to make.

Stay up to date and stay safe!

Nick Hyatt on EmailNick Hyatt on FacebookNick Hyatt on GoogleNick Hyatt on Twitter
Nick Hyatt
Chief Developer at QD Design
Nick has web design experience spanning two centuries (well his first page was in 1998)! He is passionate about helping smaller businesses and new ventures make their mark on the web. As well as a web designer he has spent time as a management consultant and business coach and brings these skills to help customers excel. When not designing websites he is likely to be in the mountains be it skiing, climbing or just taking photos of awe inspiring scenery.

Leave a Reply