Posts Tagged ‘WordPress Security’
by FireHost Evangelist on July 28th, 2011
Some would argue that online security has changed for the worse. As open source Web applications become popular within businesses, they have also become appealing to hackers.
As more company websites run on open source applications like Drupal and with corporate blogs powered by WordPress, more victims may suffer from hacks and costly exploits. Learning jQuery learned this lesson the hard way. Before they took a serious look at hardening the open source platform, embarrassing and costly attacks wrought havoc. Other companies that haven’t taken proper precautions to insulate themselves against such threats could face the same fate.
We’ll highlight some security issues that open source Web applications pose and propose solutions if you’ve considered making open source applications part of your business.
Common vulnerabilities in open source Web applications
Like you, hackers love that open source Web applications are free and provide easy access given their “open” source code. If, for example, a hacker can deploy a script to steal information or take control of a Web application on a single piece of hardware, he can easily reproduce these devastating results to affect multiple users or multiple websites that share the same code base. Here’s why:
(more…)
Tags: Drupal Hosting, open source hosting solutions, protect open source applications, WordPress Security
Posted in: Cloud Hosting, Security | No Comments »
by FireHost Evangelist on June 22nd, 2011
Action Required: WordPress.org Repository Plug In Hack
On June 22nd, the WordPress team reported suspicious commits to several of their popular plugins (AddThis, WPtouch, and W3 Total Cache) which contained cleverly disguised PHP backdoors. A PHP backdoor could allow someone to gain unauthorized access to your website through maliciously-crafted PHP code.
As a precautionary security measure, WordPress has decided to force-reset all passwords on WordPress.org while they investigate the root cause. See http://www.WordPress.org for more information.
(more…)
Tags: WordPress Plugins, WordPress Security
Posted in: FireHost Alerts, Security | No Comments »
by FireHost Evangelist on October 21st, 2009
The WordPress Development team has been working feverishly to launch the next big release (2.9) by the end of October. However, security vulnerabilities pose such a threat to their HUGE user-base, they back-ported some of the 2.9 security patches into a version released yesterday – 2.8.5.
WordPress version 2.8.5 addresses the following security vulnerabilities:
- Fixes the Trackback Denial-of-Service (DOS) attack vulnerability
- Removes code areas where php code in variables are evaluated
- Upgrades file upload functionality so all users (including Admins) are whitelisted
- Retires two Tag data importers from old plug-ins
This interim release shows the WordPress Development Team’s commitment to protecting users with the maximum level of security they can provide. Impressive!
All WordPress users should harden their installation immediately by upgrading to this new version now. Upgrading your website is a great excuse to upgrade your hosting environment as well.
Ask yourself:
(more…)
Tags: Secure Cloud Hosting, Wordpress Hosting, WordPress Security
Posted in: Security | No Comments »
