23 Jul Security Breach is Disabling WordPress sites
Threat Number One: DDoS Attacks
This notice applies to WordPress websites only. Hackers are using the trackback and pingback function in WordPress for DDoS botnet attacks. This is causing WordPress websites to be disabled, sometimes with an error and sometimes just showing up as the “white screen-of-death”. Either way, your website is down. The vulnerability is from WordPress’s XML-RPC functionality, a feature enabled by default since version 3.5. Attackers are abusing the feature to launch DDoS attacks against other sites.
What is a DDoS attack?
DDoS stands for Distributed Denial of Service. A DDoS attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. In the case of the XML-RPC exploit, attackers may use the pingback feature on your WordPress site to attack other sites.
The XML-RPC function was originally designed to be used as an intranet notification system for WordPress users. But few use it anymore due to spam. Some plugins require it, but most do not. It is important to note that XML-RPC does serve some legitimate purposes, including the pingback feature and the ability to post content remotely from various WebLog clients.
Due to the scale and nature of the exploits, however, we recommend that WordPress owners who do not require the XML-RPC functionality take steps to disable it on their site.
1.) Install the “Prevent XMLRPC” plugin. If you are unsure of how to do this, please call WebStores Ltd at 877-924-1414 or 303-688-6560 and we will assist you.
2.) Make sure you change your password to something strong and secure (such as a mix of upper and lowercase letters, numbers, and symbols).
Threat Number Two: Brute Force Entry
A second threat affecting the WordPress community is hackers trying to gain access to your site by using brute force techniques to log in to your site. Once in, they can control your site and steal other passwords, credit card information, and emails.
You can prevent this type of attack by installing a plugin called “BruteProtect”. Again, if you have a WordPress site and do not know how to do this, call WebStores Ltd. And again, make sure you update your password to something strong.
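Both threats above leave a recognizable trace in the web server's access log: the pingback abuse shows up as a burst of POST requests to xmlrpc.php from a few addresses, and a brute force attempt shows up as a run of POST requests to wp-login.php that come back with status 200 (WordPress re-renders the login form on a failed attempt and redirects with 302 on success). The script below is an added example, not code from the original post or from WebStores Ltd, that scans a log in the standard combined format and flags both patterns. The log lines are constructed for the example (documentation IP ranges, made-up timestamps), and the per-IP thresholds are assumptions to be tuned for a real site.

```python
import re
from collections import Counter, defaultdict

# Constructed sample access log in combined format. Not real traffic: the
# addresses come from documentation ranges and the requests were made up here.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Jul/2014:10:01:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Jul/2014:10:01:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Jul/2014:10:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Jul/2014:10:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "Mozilla/5.0"
198.51.100.4 - - [23/Jul/2014:10:02:10 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "WordPress/3.9; http://example.net"
198.51.100.4 - - [23/Jul/2014:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
192.0.2.9 - - [23/Jul/2014:10:07:01 +0000] "GET /wp-login.php HTTP/1.1" 200 3011 "-" "python-requests/2.3"
192.0.2.9 - - [23/Jul/2014:10:07:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3011 "-" "python-requests/2.3"
192.0.2.9 - - [23/Jul/2014:10:07:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3011 "-" "python-requests/2.3"
192.0.2.9 - - [23/Jul/2014:10:07:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3011 "-" "python-requests/2.3"
192.0.2.9 - - [23/Jul/2014:10:07:03 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "python-requests/2.3"
198.51.100.4 - - [23/Jul/2014:10:09:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [time] "method path proto" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Return the fields of one access-log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # drop any query string
    return rec


def analyze(log_text, xmlrpc_threshold=20, login_threshold=10):
    """Flag IPs that hammer xmlrpc.php or wp-login.php.

    xmlrpc_threshold / login_threshold: per-IP counts (assumed values; tune per site).
    A 302 from wp-login.php after earlier failures from the same IP is reported
    separately, since it suggests a guessed password actually worked.
    """
    xmlrpc_posts = Counter()           # ip -> POST /xmlrpc.php count
    login_failed = Counter()           # ip -> POST /wp-login.php with status 200 (form re-shown)
    success_after_fail = defaultdict(bool)

    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["method"] != "POST":
            continue  # GETs of either page are normal browsing
        if rec["path"].endswith("/xmlrpc.php"):
            xmlrpc_posts[rec["ip"]] += 1
        elif rec["path"].endswith("/wp-login.php"):
            if rec["status"] == 200:
                login_failed[rec["ip"]] += 1
            elif rec["status"] in (301, 302) and login_failed[rec["ip"]] > 0:
                success_after_fail[rec["ip"]] = True

    return {
        "xmlrpc_abuse": {ip: n for ip, n in xmlrpc_posts.items() if n >= xmlrpc_threshold},
        "login_brute_force": {
            ip: {"failed": n, "succeeded_after_failures": success_after_fail[ip]}
            for ip, n in login_failed.items() if n >= login_threshold
        },
    }


if __name__ == "__main__":
    # Low thresholds so the short constructed sample triggers both detections.
    for name, hits in analyze(SAMPLE_LOG, xmlrpc_threshold=3, login_threshold=3).items():
        print(name, hits)
```

On the sample, 203.0.113.7 is reported for xmlrpc.php (four POSTs, against a threshold of three) while the single pingback from 198.51.100.4 is not, and 192.0.2.9 is reported for wp-login.php with three failures followed by a redirect, which is the case that deserves a password reset rather than just a block. Counting over a whole file is the simplest form; on a busy site you would count per time window instead.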
I’ve had customers call and ask why someone would hack a website if it didn’t even have ecommerce. Who knows the mind of a hacker, but access to passwords and emails is part of the reason. Next you might wonder, if WordPress is vulnerable to these types of attacks, why is it so popular and why do we use it to build websites? It is precisely because it is so popular and the best platform for most small business websites that hackers are exploiting it. I encourage you to take the steps listed above to keep your site safe.