{"id":194,"date":"2015-06-04T21:27:23","date_gmt":"2015-06-04T21:27:23","guid":{"rendered":"http:\/\/www.ahosting.net\/blog\/?p=194"},"modified":"2025-10-20T10:28:02","modified_gmt":"2025-10-20T10:28:02","slug":"its-important-to-see-to-security-on-wordpress","status":"publish","type":"post","link":"https:\/\/www.ahosting.net\/blog\/its-important-to-see-to-security-on-wordpress\/","title":{"rendered":"Why It\u2019s Now More Important Than Ever To See To Security On Your WordPress Blog"},"content":{"rendered":"

According to a report from CodeGuard, WordPress now powers 79% of content-driven websites<\/a>. By comparison, Joomla powers 7.2%, and Drupal 5.3%. The report further notes that designers and developers are flocking to the platform in droves; it\u2019s gained more popularity in that market than it has among bloggers.<\/p>\n

That popularity is a double-edged sword. On the one hand, the volume of WordPress users means more plugins, more themes, and better support. On the other, it also makes the platform that much more attractive a target for cyber-criminals.<\/p>\n

To that end, there\u2019s a distressing new type of attack making the rounds on the web – a piece of malware, to be precise. What makes it so problematic is that it doesn\u2019t behave like any other WordPress malware. It doesn\u2019t try to install anything on a user\u2019s machine.<\/p>\n

It attempts to steal the user\u2019s login credentials instead.<\/p>\n

\u201cWhen unsuspecting users attempt to login to one of the compromised WordPress sites, they are served injected JavaScript code as part of the login page,\u201d explains Zscaler, the firm which first broke news of the malware.<\/a> \u201cThe end user is oblivious to the fact that the credentials were leaked to a remote attacker\u2019s site, as he is redirected to a successful logged in session.\u201d<\/p>\n

I\u2019d imagine there will be a fix for this vulnerability coming in short order. At the moment, however, the only defense against the infection is due diligence. Website owners can check to see if their site is compromised by searching for the code in question, as well.<\/p>\n

It\u2019s the same old song and dance we\u2019ve heard a thousand times before. This time it\u2019s malware. Last week, it was a plugin vulnerability. Then a glitch. Then more malware. Then brute forcing. Then\u2026<\/p>\n

You get the idea. WordPress attacks and vulnerabilities surface with such frequency, one can\u2019t help but wonder why anyone uses the platform at all. Is ease of use really worth the security risks?<\/p>\n

Honestly, the risks aren\u2019t as great as everyone makes them out to be. The reason we see so many vulnerabilities on WordPress – the reason it\u2019s targeted so frequently – is because of its popularity. That\u2019s it. If it were Joomla or Drupal in WordPress\u2019s place, it\u2019d be the same story.<\/p>\n

Of course, just because the vulnerabilities aren\u2019t as pronounced as everyone makes them out to be, doesn\u2019t mean you shouldn\u2019t be taking measures to keep your site secure. You should be doing everything in your power to do so, actually. There are a few steps involved in this:<\/p>\n