On June 22nd,  the WordPress team reported suspicious commits to several of their popular plugins (AddThis, WPtouch, and W3 Total Cache) which contained cleverly disguised PHP backdoors. A PHP backdoor could allow someone to gain unauthorized access to your website through maliciously-crafted PHP code.

As a precautionary security measure, WordPress has decided to force-reset all passwords on WordPress.org while they investigate the root cause. See http://www.WordPress.org for more information.

If you use AddThis, WPtouch, or W3 Total Cache, PLEASE UPDATE YOUR PLUGINS AS SOON AS POSSIBLE. To do this, visit the Updates page in your WordPress Admin control panel and ensure each plugin is running the latest version.

The FireHost team is here 24x7x365 to answer any questions you may have via live chat, phone or support ticket through the MyFireHost.com Secure Customer Portal.

Thank you for your attention,

The FireHost Security Team

In fact, websites that incorporate these features accounted for 21% of hacking incidents reported in the first quarter of 2009. The top threats to “socially enabled” websites are SQL Injections (21% of attacks), Authentication Abuse (18%), and Cross Site Request Forgery – CSRF (8%).

“Businesses often use open source applications like Community Server, WordPress, and Drupal to integrate social features into their websites. Every enterprise deserves the ability to keep content fresh by using blogs and forums. It’s great for marketing and user retention. We help facilitate these mediums by addressing vulnerabilities in open source software all the way from module installation to hosting,” encourages FireHost CEO, Chris Drake.

FireHost CTO, Kevin Wall explains why a holistic approach to site development and hosting is important.

“Often the application itself isn’t unstable; it’s the add-ons and plug-ins site owners use to extend the installation that cause problems. Our engineers are well-versed in the nuances of open source platforms. We’re different because we can help you navigate thru the many open source options available and determine which will achieve your marketing goals. Finally, we install open source applications in a way that helps protect you from hackers.”

To learn more about how FireHost can help secure your favorite open source platform, visit our secure platform hosting page.

Extensibility through plugins is an important feature in WordPress. This tool allows users to build upon the original application and customize it according to their own needs, similar to add-ons in the popular Firefox web browser. Currently, there are thousands of WordPress plugins, but there’s one in particular enabling your blog to easily serve millions of visitors at once: The WordPress Super Cache.

The Super Cache plugin automatically generates static HTML pages directly from your dynamic WordPress blog, transforming resource-heavy WordPress PHP scripts into much lighter HTML pages. This allows your website’s blog to operate faster and serve more visitors.

There isn’t a visible difference for your visitors, but this plugin is very important when your traffic spikes upwards of millions of visitors per hour. As long as you have a professional web hosting plan, The WordPress Super Cache will enable you to easily serve millions of visitors from sources like Digg, Facebook, or Twitter.

Because WordPress is an open source platform however, it is highly susceptible to exploitative attacks. This is where FireHost steps in, providing an industry-leading secure hosting environment, safeguarding your website and protecting your data. Without this protection in place, your website will be prepped to weather an onslaught of visitors by using Super Cache, but could be easily compromised and taken offline by a single hacker.

With professional hosting solutions from FireHost, your company can embrace success, rather than worry about it. To realize your company’s full potential with FireHost and WordPress, contact a FireHost professional today.