Hackers Focus on WordPress


You may have noticed some recent articles in the news regarding large brute force attacks directed at WordPress and Joomla based web sites. If your site is hosted with Trusty & Company Hosting and has a WordPress based blog or CMS and you are concerned about its security, put your mind at ease… we have it covered.

Although it is impossible for us, or any other web hosting service, to guarantee 100% that a site cannot be hacked, we’ve taken some extra steps to ensure that sites hosted on our server are as bulletproof as possible.

The current round of attacks is directed toward a WordPress installation’s admin account, that is, a user account on the blog or CMS that has the username ‘admin’. We’ve been aware that this is a potential weak spot since the early versions of WordPress, so we never create ‘admin’ accounts for any of the sites we develop. According to Matt Mullenweg, the founder of WordPress, this step alone will put you “ahead of 99% of sites out there and you will probably never have a problem.”

A ‘brute force attack’ means that hackers are trying to overpower a web site by the sheer number of hits/attempts. The network of bots supposedly consists of over 90,000 IP addresses. If technology permitted, they could attempt access from a different IP every second for over 24 hours without using the same IP twice. There’s little that can be done against those odds, but to further increase the overall security of Trusty & Company hosted WordPress sites and blogs, we are in the process of installing limited login attempt filtering on all WordPress installs at no charge to our clients, whether they have a Web Maintenance Plan with us or not. This means that anyone trying to access a site will have a limited number of attempts to log in successfully. If a correct ID and password combination is not submitted within three attempts, the user will be locked out of any further login attempts for 30 minutes: a reasonable amount of time, if it’s an honest mistake, to find the correct access information. Additionally, if repeated login attempts result in 3 lockouts within 12 hours, any future attempts from that IP address will be blocked for 48 hours. Our experience has shown that after repeated 48 hour blocks the attacks eventually cease.
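To make the policy concrete, here is an added example (not the hosting company’s plugin, and not code from this post) that models the lockout rules exactly as stated above: three failed attempts lock an address out for 30 minutes, and three lockouts within 12 hours block it for 48 hours. The IP addresses and the sequence of attempts are constructed for the demonstration.

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Policy from the post: 3 failures -> 30 min lockout; 3 lockouts in 12 h -> 48 h IP block
MAX_FAILURES, LOCKOUT_SECONDS = 3, 30 * 60
MAX_LOCKOUTS, LOCKOUT_WINDOW, BLOCK_SECONDS = 3, 12 * 3600, 48 * 3600

@dataclass
class IPState:
    failures: int = 0                                   # consecutive failures
    locked_until: float = 0.0                           # end of current 30 min lockout
    lockout_times: list = field(default_factory=list)   # timestamps of recent lockouts
    blocked_until: float = 0.0                          # end of 48 h block

class LoginLimiter:
    def __init__(self):
        self.state = defaultdict(IPState)   # per-source-IP counters

    def attempt(self, ip, now, success):
        """Process one login attempt from ip at epoch time now; return its status."""
        s = self.state[ip]
        if now < s.blocked_until:
            return "blocked"   # 48 h block in force: reject before checking credentials
        if now < s.locked_until:
            return "locked"    # inside a 30 min lockout, even a correct password is refused
        if success:
            s.failures = 0
            return "ok"
        s.failures += 1
        if s.failures < MAX_FAILURES:
            return "failed"
        # Third failure in a row: start a lockout and remember when it happened
        s.failures, s.locked_until = 0, now + LOCKOUT_SECONDS
        s.lockout_times = [t for t in s.lockout_times if now - t < LOCKOUT_WINDOW] + [now]
        if len(s.lockout_times) >= MAX_LOCKOUTS:   # third lockout within 12 h
            s.blocked_until, s.lockout_times = now + BLOCK_SECONDS, []
            return "blocked"
        return "locked"

def simulate(attempts):
    """Replay a list of (ip, time, success) tuples through one limiter (state is per IP)."""
    limiter = LoginLimiter()
    return [limiter.attempt(ip, t, ok) for ip, t, ok in attempts]

# Constructed sample (documentation-range addresses): one source hammering the login
# form with bad passwords, one legitimate user who mistypes once and then succeeds.
SAMPLE = [("203.0.113.5", t, False) for t in (0, 1, 2, 3, 1803, 1804, 1805, 3606, 3607, 3608, 3609, 176408)]
SAMPLE += [("198.51.100.9", 10, False), ("198.51.100.9", 20, True)]
```

Replaying `SAMPLE` shows the attacker reaching the 48 hour block on its ninth bad password, while the legitimate user’s single typo costs nothing.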

So what should you do? If we host your site and you do not currently have a Web Maintenance Plan with us, we encourage you to sign up now. Hackers are not going to stop hacking, and we won’t stop protecting your site. Because of the significant time required to update security on a regular basis, we just won’t be able to do that for clients who do not have a Web Maintenance Plan. Most sites require only the minimum plan, which is very affordable. And as always, call or email us with any questions or concerns you may have.
