(Latest WordPress Security News – Below)

WordPress-Security-ProfessionalWordPress web sites are becoming more and more time consuming on a weekly / daily basis to keep up with the following items:

1. Plugin Updates (Careful use of any plugin)
2. Regular Backups (Weekly / Monthly)
3. Proactive Security Updates ( WP Security Scan)
4. Performance Optimization
5. Malware prevention / cleanup ( WordFence )

Websites aren’t paintings that you hang up on the wall after they’re complete; they are an investment that needs to be looked after to keep the positive ROI.

With WordPress maintenance, I am pledging time to be your client’s website “bodyguard.” If anybody messes with your business, I’m going in there, guns blazing. Otherwise, you’ll sit quietly in the corner, keeping one eye shut and the other on the door.

Yes, this is different than regular ‘site maintenance‘, which has been outlined in your contracts. ‘Site maintenance’ has been focused on making changes to content / images on your current pages. Changes prices, changing content, adding fresh news are all examples of your existing ‘site maintenance’ agreement. WordPress Maintenance deals with security, backups, prevention and keeping up with various plugin updates.

Security is one of the most important aspects of running a website these days, as there truly are a lot of malicious people out there that can and will try to target your website (whether to try and steal your data, use your PC for a DDoS, or a number of other reasons known only to them).

WordPress web sites are constantly being hacked, or rather are ATTEMPTED to be hacked on a daily basis. WordPress security is all about proactivity. You know what they say, an ounce of prevention is worth a pound of cure, especially on the web. Most WP attacks initiate from Russia, China, France, India, Ukraine and the good ol’ USA.

WordPress-Security


Latest WordPress Security News

Jan 2017

(From Airtable) Most Active IPs

In the table below we have listed the most active attack IPs for December 2016.

193.201.224.205 31.8 – Ukraine 
185.159.36.6 12.4 – Russia Phoenix 
91.200.12.92 6.3 – Ukraine
91.220.131.134 6.0 – Russia Petersburg
178.137.83.84 5.6 – Ukraine Kyivstar
195.154.252.171 5.5 – France 

Complex Attacks vs Brute Force Attacks

A brute force attack is a password guessing attack that is simplistic and has a low likelihood of success. At Wordfence we consider a ‘complex’ attack to be an attack that tries to exploit a vulnerability in WordPress or a WordPress plugin. If you are using Wordfence to protect your WordPress website, brute force attacks are blocked by our brute-force protection and complex attacks are blocked by the Wordfence firewall.  The top two IPs, one in Ukraine and one in Russia, are both using complex attacks to target WordPress websites.

Brute Force Attacks

If you recall our post on December 16th where we described a “Huge Increase in brute force attacks in December“, we saw a marked increase in the number of attacked sites starting in late November.


https://managewp.com/2016-wordpress-website-maintenance-survey
http://torquemag.io/2016/03/wordpress-sites-hacked/
https://www.onehoursitefix.com/10-ways-to-prevent-your-wordpress-website-from-being-hacked/
https://www.cloudways.com/blog/wordpress-hacked-8-tips-to-harden-wordpress-security/
https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

 

Summary
Service Type
WordPress Maintenance (Proactive Security, Backups, Malware Prevention)
Provider Name
Rich's Web Design
Area
North Carolina
Description
WordPress Maintenance (Proactive Security, Backups, Malware Prevention)
URL