Did you hear about the latest cyber attack on WordPress websites (affecting sites running WordPress 4.7.0 and 4.7.1)?
We have deciphered the details so that you don’t have to. With over 1.5 million pages defaced across more than 39,000 unique domains, this is a serious security breach.
How Did This Attack Happen?
Initial attacks using the WordPress REST API flaw started last Monday (6th February). To give you an insight into what this means: an API is an Application Programming Interface. When you use a website, you are accessing the ‘human interface’ in the browser. An API lets another program read or change your WordPress content without going through that browser interface, which is exactly what happened during this hack.
Hackers managed to bypass authentication systems. This enabled them to edit both the titles and the content of WordPress pages.
Why Is This Only Coming To Light Now?
To begin with, the WordPress security team kept these attacks quiet. They had already fixed the bug behind this series of attacks in the release of WordPress 4.7.2 on January 26th. However, as the attacks just kept coming, they had to publicly explain their reasons for releasing this latest version of WordPress.
Attackers had already worked out how to access sites that were not updated. Subsequently, there was a sharp spike in the number of websites hacked.
WordPress – The World’s Most Popular CMS
Looking at the figures, this attack may seem scary. However, if you think about it, WordPress is the world’s most popular CMS and is used by millions of people worldwide. Of course a security attack is a concern, but it could happen to any CMS platform.
WordPress addressed the problem quickly, and tried to do this with minimal disruption to users. This slip-up will not stop us from recommending or working with WordPress.
How Secure Is My Site?
The main take home message from this attack: you should always carry out regular WordPress updates. Don’t keep putting it off because you ‘haven’t got time’ or ‘my website will be fine’.
The bottom line is that these updates are created for a reason: to fix bugs which can affect the security and performance of your site. In this case, by not carrying out that update, the content of your website could have been ruined. Not only that, but your SEO efforts could have gone to waste.
How To Check Your Site
There is a really simple way to check whether your WordPress website was affected by this attack. Simply type your website address into the address bar, followed by /readme.html.
For example, we would type laser.red/readme.html. If you are presented with a 404 error page, you are safe and have not been hacked! This file is sometimes removed for security reasons.
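As an added example (not Laser Red’s own code or tool), the script below performs the readme.html check from this post and goes one step further: WordPress prints its version number in that file, so the script reads it and compares it with 4.7.2, the release that fixed the REST API bug. It assumes the file still contains a “Version X.Y.Z” line as WordPress releases of this era did; the User-Agent string and the sample response bodies are constructed for the example.

```python
"""Check what a WordPress site's /readme.html reveals.

Added example, not part of the original post. It applies the readme.html check
described above and also reads the version number WordPress prints in that
file, comparing it with 4.7.2 (the first release with the fix).
"""
import re
import sys
import urllib.error
import urllib.request

FIXED_IN = (4, 7, 2)                 # first release containing the fix
KNOWN_AFFECTED = {(4, 7, 0), (4, 7, 1)}  # releases named in the post

# readme.html carries a line such as "<br /> Version 4.7.1" near the top
VERSION_RE = re.compile(r"Version\s+(\d+(?:\.\d+)*)")


def parse_version(text):
    """Return the version printed in readme.html as a tuple, or None if absent."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    # WordPress prints "4.7" for 4.7.0; pad so tuples compare cleanly
    return parts + (0,) * (3 - len(parts))


def classify(status, body):
    """Turn an HTTP status and body for /readme.html into a plain verdict."""
    if status == 404:
        return "readme.html not exposed (404): nothing revealed, as the post recommends"
    if status != 200:
        return f"unexpected HTTP status {status}: check manually"
    version = parse_version(body)
    if version is None:
        return "readme.html present but no version line found: check manually"
    label = ".".join(str(p) for p in version)
    if version in KNOWN_AFFECTED:
        return f"WordPress {label}: affected by the REST API flaw, update to 4.7.2 or later now"
    if version < FIXED_IN:
        return f"WordPress {label}: older than 4.7.2, update now"
    return f"WordPress {label}: not affected by this flaw, but readme.html still reveals your version"


def check_site(base_url, timeout=10):
    """Fetch /readme.html from a site you administer and classify the result."""
    url = base_url.rstrip("/") + "/readme.html"
    # constructed User-Agent value, purely so the request is identifiable in your own logs
    req = urllib.request.Request(url, headers={"User-Agent": "readme-version-check/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        return classify(e.code, "")


# Constructed sample bodies in the shape of the real file; values are made up for the example
SAMPLE_AFFECTED = ('<h1 id="logo"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" />'
                   '<br /> Version 4.7.1</h1>')
SAMPLE_FIXED = '<h1 id="logo"><br /> Version 4.7.2</h1>'


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(check_site(sys.argv[1]))        # e.g. python readme_check.py https://example.com
    else:
        print(classify(200, SAMPLE_AFFECTED))
        print(classify(200, SAMPLE_FIXED))
        print(classify(404, ""))
```

Run it against your own site’s address to get one of three answers: the file is gone (a 404, the outcome the post calls safe), the file is present and shows a version older than 4.7.2 (update immediately), or the file shows a patched version (fine for this flaw, though the file still tells visitors which release you run, which is why many people remove it).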
If you are not sure how to carry out this check, or find that your website is not showing this error page, give us a call and we can talk this through with you.
How We Can Help
Here at Laser Red, we know the importance of updating WordPress sites regularly. We work tirelessly to ensure our client websites are kept secure. This includes carrying out monthly updates and security checks to keep you safe.
We appreciate that as a busy business owner, you may not have time to carry out WordPress updates yourself, but you’re in luck! We offer monthly maintenance and support packages to carry out these updates for you.