Wordpress Website Attack

How to Protect Against the Recent WordPress Blogs and Website Attacks

If you website is built on WordPress; here is how to protect against the the recent security vulnerability which has let hackers attack (and deface in some cases) over fifty thousand websites.

You can read more about this on the BBC Technology page.

The WordPress core development team quickly fixed the issue and updated with WordPress 4.7.2. If you havent updated your WordPress core files we suggest you do this straight away.

With this secuirty issue, basically anyone on the internet can deface your website without having login access to your site or blog.

We highly recommend that you disable the REST API whcih can easily be done via the REST API plugin

WordPress Website Secuirty

  • Here is a few other tips on protecting your website or blog
  • Change the Default “admin” username
  • Disable File Editing
  • Disable PHP File Execution
  • Limit Login Attempts
  • Change WordPress Database Prefix
  • Password Protect WP-Admin and Login
  • Disable Directory Indexing and Browsing
  • Disable XML-RPC in WordPress