Wordfence’s Latest About Security

The Wordfence threat report

Wordfence, a leader in WordPress security, has released its yearly threat report. Over the past twelve months, Wordfence software blocked over 90 billion malicious login attempts. That’s 2,800 unsuccessful attempts a second. The threat report is an excellent resource for alerting website owners and operators about the kinds of attacks, the frequency at which they occur, and what can be done to prevent site damage.

According to Forbes,  30,000 websites are hacked daily.  And no website is immune, these attacks affect sites of all sizes, both personal and business. As the largest content management system in the world, WordPress has a huge bullseye painted on it, attracting hackers worldwide. There are several reasons why hackers go after WordPress sites, none of those reasons are due to flaws in the WordPress core software. Rather, most sites get hacked from entirely preventable issues, like not keeping things updated 

The WordPress organization and the security community are transparent when software weaknesses do occur. There are several vulnerability databases where known threats to plugins, themes, and the WordPress core are cataloged. The listings include information about the type of threat, a description, timeline, and a proof of concept (POC) describing the process that can be used to breach the software. Publishing this data, especially the POC, is delayed briefly to allow time to patch the software involved. Often the details available in POC, contains enough information even script kiddies can take down an out-of-date, poorly maintained website.

The 90 billion malicious login attempts mentioned in the first paragraph, represent the most common attack made on WordPress sites. Brute force and other password-related attempts are the number one threat. Most any security plugin you choose will help with these types of attacks. They can even protect us from ourselves by requiring strong passwords.

The Wordfence report shows the second largest number of blocked attempts were to exploit technical vulnerabilities. These technical attacks are best addressed by an effective firewall solution. As with brute force protection, there are many good security plugins with an effective firewall.

For the third type of threat, Wordfence found over 70 million malicious files on 1.2 million WordPress sites. Over 17% of these infected files came from nulled plugins or themes. These nulled items are pirated copies of paid products. The sites providing the nulled software will break the product keys so that the software will run without being paid for and remove any reference to the original author.

The sites distributing the stolen software may appear to be reputable and certainly do not explain they are using work stolen from the original developers. It is also very likely these “free” plugins and themes contain at best, adware and at the worst, virus-laden malware.

The providers of nulled software are rewarded for their efforts by the malicious advertising they have added to the legitimate programs. They can also leave themselves backdoor access to websites using modified software. There’s not a technical deterrent for preventing nulled software. Hopefully educating WordPress users about the dangers of pirated software will slow the growth of this type of malware.

To wrap up, the Wordfence report identified three of the most widespread threats faced by WordPress website users. They were malicious login attempts, attempts to exploit vulnerabilities, and dangerous files spread from nulled software.

Using Wordfence or other quality security plugins plus keeping your WordPress site properly maintained and up to date will make a hacker’s job much more difficult. Most hacking attempts use automated scripts, looking for files to exploit. The time it takes to harden and secure your website helps to send these automated thieves looking for easier sites to attack.