The Blog Herald logo

  • News
  • Features
  • Guides
  • Editorial
  • Interviews
  • Blog Tips
  • More
    • General
    • Blog Conferences
    • Contact Us
    • Terms & Privacy
    • Disclaimer

Security and Hacking: The State of WordPress Blogs

January 16, 2009 by Lorelle VanFossen

WordPress SecurityLast year, there was a lot of noise about WordPress being especially vulnerable to attacks and hacks. Not all of those reported hacks and wild fire assuptions about WordPress security were true.

In “SecurityFocus SQL Injection Bogus,” Matt Mullenweg talked about one false report:

Online, apparently, it’s fine for someone to run into a crowded theatre and yell “fire” and the less basis there is in fact the more people link to them. It’s not uncommon to see crying-wolf reports like the above several times in a week, and a big part of what the WP security team is sifting through things to see what’s valid or not.

…All that said, there is a wave of attacks going around targeting old WordPress blogs, particularly those on the 2.1 or 2.2 branch. They’re exploiting problems that have been fixed for a year or more. This typically manifests itself through hidden spam being put on your site, either in the post or in a directory, and people notice when they get dropped from Google. (Google will drop your site if it contains links they consider spammy, you’ll remember this is one of the main reasons I came out against sponsored themes.)

“Sponsored” WordPress Themes were banned from the official WordPress Theme Directory due to inclusion of ads, spam, and malicious links in Themes offered for free, with a hidden price. WordPress Theme scams continue and WordPress users are warned repeatedly to be cautious about downloading and using WordPress Themes without careful inspection and testing.

In the last issue of this series on “Cyber Attacks on the Rise in 2009,” I covered the current spread of the Downadup Worm Infection that uses websites to spread its evil, impacting more than 3.5 million sites worldwide. Such attacks are becoming more rare, but hackers targeting blogs are growing in numbers and resourcefulness. We must be on our guard to protect our blogs more this year than ever before. [Read more…]

Filed Under: Features Tagged With: blog security, cyber attacks, cyber-crime, cybercrime, Movable Type, movable type security, WordPress, wordpress news, wordpress security

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Top Posts

  • 30 Blog Disclaimer Examples
  • 15 Great Sites for Legal, Free Content
  • How To Write Comments
  • 6 Domain Buying Strategies to Skyrocket Your Digital Revenues
  • Publishing Article Series Tips and Techniques
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

The Blog Herald © 2021 Splashpress Media