Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth.
WordPress sites account for more than one-third of all websites on the Internet, including some of the most highly trafficked sites and numerous e-commerce sites. So it stands to reason that companies would spend a lot of time and resources on protecting site security, right?
Unfortunately, says Ted Harrington, executive partner at Independent Security Evaluators (ISE), too many organizations believe that because WordPress runs on open source, it's innately secure.
"The assumptions many people have is that because it's open source, the best ethical hackers will work to find security vulnerabilities and we don't need to focus on security," Harrington says. "The truth is we still need defense in-depth and can't assume that WordPress is secure."
Indeed, over the past year, critical vulnerabilities were discovered that impacted more than 1.5 million WordPress sites and were often linked to one of the 50,000-plus plug-ins that enhance WordPress functionality, adds Timothy Chiu, vice president of marketing at K2 Cyber Security.
"Security vulnerabilities continue to be discovered," says Chiu. "Each new vulnerability is a good reminder that plug-ins can affect your site's overall security."
Armed with the seven tips that follow, WordPress administrators and security teams will have the basics they need to lock down their sites. Read on.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024