The weakness was fixed in WordPress 4.7.2, released on 26 January, but according to IDG New Service the WordPress team did not publicly disclose the flaw until a week later so that a large number of users could have enough time to update their software.
But because many webmasters did not apply the patch, a wave of attacks soon followed. It is now estimated that over 1.5 million website pages have been defaced from as many as 20 different hacking groups.
When it comes to website security, it pays to be proactive rather than reactive. Do not assume your website is secure because you have not been hacked in the past.
As website designers and administrators we take our own internet security as well as that of our valued clients very seriously. This is what led us to design a security package to minimise the risks of an attack on your website.
The package is called Citadel and aims to keep your website secure by keeping it updated with the latest minor version and extension updates and by installing a security component in the backend.
Encrypting your domain to use Secure Sockets Layer (SSL) is also highly advised. SSL creates an encrypted connection between the web server and your visitor’s web browser so that confidential information can be transferred.
Your secure site is accessed via https:// rather than http://, and indicated by a padlock icon in web browsers.
- Click here for more information on our Citadel Security Package
- Do you have a security related enquiry? Contact us today