Internet Security : Keeping your WordPress Website Safe


Jun. 16

3.49 K


There is a famous quote by Sir Isaac Newton – “What we know is a drop and what we don’t know is ocean”. The very same thing goes when are to talk about our Internet Security or Website Safety. It’s small yet so vast that it is impossible to protect it.. Bruce Schneier, a renowned Cryptographer once said, “I am regularly asked what average Internet users can do to ensure their security. My first answer is usually, Nothing–you’re screwed.”

Getting Screwed over Internet Security

It is something over the top and highly complicated, but then it’s all about right protection of your data and system. One may be screwed if nothing is done to protect oneself and Internet have always been a war between Good guys and Bad guys. Something that we also call as Ethical Hackers and the Criminal Hackers.

They have pretty much same work and possess similar knowledge. All that’s different is their motive, their approach towards something. Recently there was a news of WordPress sites under attack from new Zero-Day in WP Mobile Detector Plugin. The WP mobile detector plugin is an effective tool that simply detects mobile users visiting a site and allows webmasters to load a specific mobile friendly theme.

The Attack by a WP Mobile Plugin

The attackers used this plugin to upload backdoor scripts on WordPress sites in such a way that it would show adult themed SEO spams on it. Such affected websites would cause severe deterioration of website value among the market.

This kind of vulnerability that came almost after 20 years the PHP coding started, is a very serious concern. Something of this extent where an attacker can easily upload any file on the WP site calls upon the basic lessons on file upload security.

Averted a Severe Vulnerability

It is scaring for many who have their websites based on WordPress. But it should be learned that a much dreadful attack was averted by many developers who notified about this loophole to Developer and later to the WordPress Plugin Directory.

The action was swift and WordPress has not only removed the plugin from the directory but also released it Version 3.6 which had this vulnerability fixed. By the time plugin was removed, it had more than 10 thousand installs but after the update, it has only a bit more than 1000.

The similar code like the Zero-Day was also found in another plugin called ImageMagick which is used to directly or indirectly resize the images uploaded by the end users. There is no panic as security firms like Sucuri have confirmed there is a connection between the two vulnerabilities.

Yet, one thing is for sure, how hard one may try but it is sure gonna be attacked yet one has to be ready and prepared for any type of vulnerabilities.


Ketan Raval
Posted by Ketan Raval

Blog A directory of wonderful things

7 Reasons to Believe for Laravel’s Prominence in 2017

In the span of two years, developers have used number of frameworks for different languages. This includes, Yii2, Symphony, Ruby on Rails etc. But there is one particular framework which …

Next Level Mobile Friendliness Website Just in 3 Steps!

Google’s Mobile friendly Up-dates come out these days and also officially announced about its mobile friendly ranking algorithm changes.  These changes are impact on websites that aren’t mobile friendly, this …

Twitter Plugin for WordPress Can Generate Twitter Cards, Enable Twitter Analytics and Much More!

Twitter has launched its WordPress Plugin with plethora of options yesterday. The plugin will users a bunch of Twitter functionalities in the WordPress website. It can be very useful for …

Private Content Management System ,Why We Do Not Have Our Own ?

We have been asked these questions by our own CMS Developers, my IT Friends, few of my clients. Everyone ask me why you are not having your own CMS so …

Secure WordPress CMS website with OSE firewall Plugin

WordPress has major issue and that is “security”, if you ask any wordpress user they would always emphasize on security concern while using wordpress. As a WordPress web developers we …

CSS3 replaces traditional JavaScript for styling purpose: Checkbox styling example

HTML5 and CSS3 is advance level client side programming (we cant get away with it). CSS3 has opened up all new horizon for UI Designer Today We want to show …

Social Media on Fire Now for WordPress Websites : Jetpack New Plugin Review

Are you in social media and blogging? How many times you thought that you want a plug-in which can route all posts/updates in various social media? I am sure many …

Importance of displaying telephone numbers to Improve Website’s User Experience

User Experience is always an important part of any Website development project. It is always important to try something and tweak your html to improve website development. Phone Numbers and …

easyReservations – WP Plugin Review For WordPress Website Customization

In the past decade business websites have come a long way from just being brochures that point your customers in your direction providing an address and phone number. With the …

Bring Your Concept Online With a Stunning Website

Someone has rightly said that, ‘Your customers step at your store looking at the design and interior” the same applies to your online store The more interactive and lively is …


Have an !dea or need help with your current business?

We use cookies to give you tailored experiences on our website.