We just finished cleaning up our 2nd hacked WordPress site this week. It’s only Wednesday. Last month is when we noticed the rise in WordPress hacks. Thats also about the time when blogs were posting about a rise in Brue Force attacks on WordPress. WordPress itself is secure. The plugins and theme files that tend to go un-updated are the biggest issue. Now is the time to start an audit of your own site. If your site is on WordPress, time to look when the last time that theme was updated. Look to see if you have any plugins to update as well. If your one of the few people who have a “web person”, time to start bugging them with questions.
For general WordPress security ask your web person if they have installed any brute force login protection. Next on the list is to ask if they have installed any sort of WAF (web application firewall). You might just hear silence on the other end of that call. The trick to keeping your site online is to keep it updated and protected.
There is one hack going around right now that will make your website redirect to another site alltogether. You dont need to be a web person to know that’s not right. Other ones might be harder to spot. Does your website show a white screen, and it was working the day before? If your lucky, you will see links floating at the top of your website. If they are easy to spot, they are easier to remove.
We are entering into the 2015 holiday shopping season, so we expect these hacks to keep ramping up.