WordPress Blog Claims WordPress Is The Riskiest Web Software?

lock symbol wordpress 240x180 WordPress Blog Claims WordPress Is The Riskiest Web Software?While it’s not surprising to hear about WordPress being insecure from users of rival platforms (as a few of my Movable Type friends will tell me), it’s odd to hear the statement from a company using it to power their blog.

Trend Micro (an anti-virus company) put out a list of risky software or sites which included Mac OS X, Facebook, Google and yes, even WordPress.

The riskiest software used by websites in 2010 was the popular blogging platform WordPress. Tens of thousands of unpatched WordPress blogs were used by cybercriminals for various schemes, primarily as part of redirection chains that led to various malware attacks or other blackhat search engine optimization (SEO)-related schemes. (Trend Micro Blog)

Note: Emphasis in bold is mine.

Blaming WordPress’s security woes on unpatched blogs makes as much sense as blaming an architect for building an insecure house despite the fact that the home owner refuses to lock their doors.

Users choosing to self host their blogs outside the walls of WordPress.com are ultimately responsible for their own security, updates, etc., although Automattic (the company behind WP.com) is trying to remedy this problem via VaultPress.

While choosing a secure host can go a long ways towards ensuring that your blog doesn’t fall prey to hackers, making sure your WordPress blog is updated to the latest version (via the one click update button) is one of the best ways to secure your blog.

Patches aside, as far as Trend Micro assessment as to why WordPress receives far more attacks than rivals is probably best summed up by Jeff Chandler of Weblog Tools Collection:

If Trend Micro wanted to give their statement validity, they would have explained that WordPress is the most popular publishing platform in use across the web and because of that large market share, it is a big target for malicious users.

If Trend Micro feels that WordPress is insecure, they might want to consider switching to an alternative platform before denouncing the software publicly.

Tags: ,

This post was written by

You can visit the for a short bio, more posts, and other information about the author.

Submissions & Subscriptions

Submit the post to Reddit, StumbleUpon, Digg or Del.icio.us.

Did you like it? Then subscribe to our RSS feed!



  1. By givejonadollar posted on January 5, 2011 at 1:33 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Man, I need some good news. I was just thinking about switching to WordPress. I’ve used Blogger for my blogs for over 3 years but things are getting more and more problematic.

    Obviously, security is as good as it’s weakest link, but with the amount of work us bloggers put into these things, it would be nice to have less to worry about on that end.

    Hopefully, Vaultpress will answer some of these foibles.

    Reply

  2. By Mike T posted on January 5, 2011 at 5:01 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Blaming WordPress’s security woes on unpatched blogs makes as much sense as blaming an architect for building an insecure house despite the fact that the home owner refuses to lock their doors.

    Bad metaphor. The security problem is directly caused by the builder in this case. The reason it’s still a problem is that the owner hasn’t seen fit to address it yet. The security hole is the fault of the WordPress team. The fact that the blog is unpatched is the user’s fault.

    Reply

  3. By greg urbano posted on January 6, 2011 at 11:21 am
    Want an avatar? Get a gravatar! • You can link to this comment

    one of the features i love about wordpress is the one touch updating, i get notified and i update simple as that!

    Reply

  4. By John McNally posted on January 6, 2011 at 8:43 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Like greg, I used to like the one click WordPress updating, unfortunately I haven’t been able to do this for almost 12 months. I have a glitch somewhere, that occured when I transfered my blog to a different hosting company. I now have to update manually via FileZilla FTP.

    If other blogs have the same problem, I can understand the security loophole.

    John
    Leamington Spa, England

    Reply

  5. By franky posted on January 7, 2011 at 8:14 am
    Want an avatar? Get a gravatar! • You can link to this comment

    John and Greg, check the PHP Memory limit set by your hoster. I would guess that your settings are 32MB, please increase this via wp-config.php to 64MB.

    Reply

  6. By Raj posted on January 7, 2011 at 1:01 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    wordpress once affected by a virus is a realy mess to clean.

    Reply

  7. By John McNally posted on January 8, 2011 at 10:38 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Thanks for the tip Franky, how do you know I need to change he PHP memory limit? Is the site slow loading?

    Raj, that’s bad news about a WordPress virus, I think I’ve got one!

    John
    Leamington Spa, England

    Reply

  8. By Live Stream posted on December 13, 2011 at 3:52 am
    Want an avatar? Get a gravatar! • You can link to this comment

    Hello just wanted to give you a brief heads up and let you know a few of the pictures aren’t loading correctly. I’m not sure why but I think its a linking issue. I’ve tried it in two different web browsers and both show the same results.

    Reply

  9. By Live Stream posted on December 14, 2011 at 2:04 am
    Want an avatar? Get a gravatar! • You can link to this comment

    I’d must check with you here. Which isn’t one thing I usually do! I take pleasure in reading a post that may make people think. Also, thanks for allowing me to comment!

    Reply

  10. By Live Stream posted on December 14, 2011 at 6:38 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Magnificent goods from you, man. I have understand your stuff previous to and you are just extremely great. I really like what you have acquired here, really like what you are stating and the way in which you say it. You make it entertaining and you still take care of to keep it wise. I can not wait to read far more from you. This is actually a terrific website.

    Reply

  11. By Arsenal FC posted on December 17, 2011 at 11:19 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    Hey, I simply hopped over for your web page by means of StumbleUpon. Not one thing I might generally read, but I favored your emotions none the less. Thanks for making one thing worth reading.

    Reply

  12. By Watch Chelsea posted on December 18, 2011 at 12:06 pm
    Want an avatar? Get a gravatar! • You can link to this comment

    I believe you have remarked some very interesting points , thanks for the post.

    Reply

  13. By Tottenham posted on December 19, 2011 at 1:29 am
    Want an avatar? Get a gravatar! • You can link to this comment

    I’ll right away grasp your rss feed as I can’t in finding your email subscription hyperlink or e-newsletter service. Do you have any? Kindly let me know in order that I may just subscribe. Thanks.

    Reply

    Your words are your own, so be nice and helpful if you can. If this is the first time you're posting a comment, it might go into moderation. Don't worry, it's not lost, so there's no need to repost it! We accept clean XHTML in comments, but don't overdo it please.