WordPress Found a Big Problem in April. Here’s Why You Had no Clue.
Awareness is key when it comes to maintain your security online. If you think of websites as people, some are walking barefoot, easily prone to infection and disease, while others wear strong, sturdy boots, able to take on anything.
Website security is a tricky, techy subject, but the benefit of having our expert coding team on your site is that we’ll take care of it for you.
Basically, there are hackers all over the globe who thrill on penetrating systems, companies and organizations whether for personal or financial reasons, one cannot be sure in each instance. Either way, they try to ruin other peoples’ day/month/year/life.
Recently (as in April…yes, last month), WordPress (yes…the platform we can’t praise enough) discovered (and fixed) a serious security issue.
Two separate XSS vulnerabilities were found and corrected immediately, however it’s worth an overview of what happened. An XSS is an acronym used to describe “cross-site scripting” which means the ability for attackers to inject “client-side script” into web pages in order to essentially hack the $#@% out of them.
English please? Okay. Here’s one in action:
This is an example of an XSS vulnerability – specifically called the “Zero Day Flaw.” A hacker goes to your site, enters a bunch of gobbledygook (aka highly specialized coding) in your comments section. That’s all they had to do to infect your site.
Not to worry however! This flaw was discovered immediately by WordPress and within a very short time frame, was known, discovered and fixed across the globe.
And, you can guess what NWD staffers, Sarah Lacy & Walt Brown were doing all day….yup, securing all WordPress sites hosted with us. What it took was a simple update and voila. All set.
However, if you host with a random, run of the mill company, instead of finding out about the vulnerability immediately and having it fixed for you immediately, you likely would have just gotten an email (likely stuck in your piles of emails), instructing you to update your WordPress site to the latest version.
Think of how easily you could have missed it, not knowing that the website you had put so much time and effort into, was vulnerable to getting “sick” with a virus.
And, if you aren’t the most tech savvy of tech “savviers”, installing an update might take you half the day to figure out.
Just another reason why it’s in your best interest to host your website in a secure location with a savvy team to make sure your website is always in good hands, has the latest updates, and has a global standard for security.