By Gary Nugent

WordPress Hacked

If you knew that a bulletproof vest was only 8% effective against a bullet – would you let someone shoot you?

Well, unless you have big issues… I’m guessing the answer is no…

So if you knew that your WordPress site security is only 8% effective against common hacker attacks – would you set your site live in the most toxic hacking environment ever…. the internet?

The reality is… that’s exactly what 73 Million WordPress sites are doing right now … that’s like playing Russian roulette with site security.

Don’t believe me? …watch this WP Site get HACKED IN SECONDS…

WordPress Exploits

Michael Thomas & Chris Hitman, specialists in IT/security found that 6 TOP Security plugins were TOTALLY INEFFECTIVE against exploits…

They even managed to hack sites with Cloudflare and Cache Running.

Worse still some of the best security plugins were hiding dangerous exploits:

Most WP plugins are written by amateurs without any defensive coding skills“… said the vendors.

This is a huge problem as 92% of WP sites are hacked this way…

Common Hack Attack Types Explained:

EXPLOIT – (92% of direct hack attacks) – a badly written plugin/theme allows a hacker to execute a command/script that gives them control of your site…
FACT – popular security plugins and services don’t offer any protection against this.

BRUTE FORCE ATTACK – (8% of direct hack attack) – Multiple attempts to guess your username/password and take control of your site.
FACT – most popular security plugins and services are good at blocking this attack… but can’t deal with new amplified XMLRPC attacks.

DDOS – (“break the site” hack attack) – this is an attempt to flood your site with requests so your server falls over.
FACT – Plugins can’t deal with this attack – you would need to use a third party service like Cloudflare or bespoke hardware protection.

In a nutshell …If you run WordPress sites – you need to act now to protect against exploits as you are not covered against the #1 risk to your site.

WP Site Guardian is ONLY tool on the market with Real Time Intrusion detection, Live Exploit Attack Blocking and Intruder attempt notifications.

Needless to say, the blogs I build for my clients will now include this additional security and protection.

Tagged with:

Filed under: WordPress Security