Don’t let up on WordPress Security
For the past two weeks, the WordPress updates have been coming fast and furious. Does WordPress get attacked more then other types of websites? No, not really. What makes WordPress sites more vulnerable is also one of its greatest strengths: owner-maintained websites. While many owners may be comfortable with the day-to-day maintenance of their website content through WordPress, not many are comfortable handling the technical maintenance and choose just to ignore it. The risk you face is leaving your website open to one of these attacks. The cost of putting your website back together once it is full of malware could easily exceed the fees for ongoing maintenance. But before you decide, let’s weigh the risks and you can make an informed decision on how to update your website.
Zero Day Attack
You will be hearing a lot about this in the coming days. This is a very serious threat to your WordPress site, or frankly blog software of any kind. This attack focuses on the ability to for users to leave comments on your website. I would also be concerned about websites that allow posting reviews on the site, allowing end-users to create their own logins to the website, or online conversation/bulletin-board software; any functionality where users are given permission to add content to your website.
Let’s go over what you need to know: