FBI Issues Release on WordPress Security Issues

FBI Issues Release on WordPress Security Issues

Yet another reason why you need to keep WordPress and plugins updated – the FBI reports that ISIL, the terrorist group, is targeting WordPress installations with old plugins or no security features.

It is not just about keeping it updated anymore. You have to have security in depth, you have to have monitoring, you have to leverage low-privileged users for most of your actions, you have to monitor your logs, you have to use good passwords, you have to audit the plugins and themes you are using. ~Sucuri.net

IMG_2802WordPress Security – What Can I Do?

  • Perform backups.  At least monthly – I prefer weekly.  Files and database.
  • Use a backup service that shows changes to your code. Review every report sent to you.  I provide this service, including reviewing the reports, for $10/month or $15/bi-weekly.
  • Log into your WordPress site at least weekly and run updates.
  • Use secure passwords and usernames.  Not just WordPress, but FTP and hosting control panels as well.
  • Change those passwords at least quarterly!
  • Change the name of your admin folder (I use iThemes Security for this).
  • iThemes Security will also lock out brute force attacks (multiple attempts to guess your username/password).

These days, all website security, not just WordPress security relies on constant vigilance, keeping your site updated, checking for unauthorized file changes and secure passwords.  Please save yourself time, money and stress by logging into your WordPress installations now and running updates!

WordPress Security Links

Follow me

Submit a Comment