Your Site Reputation Makes You a Target
I’ve mentioned Troy Hunt a few times on this blog. He’s one of the good guys in our industry and runs a website called haveibeenpwned.com. If you want to scare your friends and family at a get together, send them to haveibeenpwned.com and get them to type in their email address. You’ll discover that we’ve all been hacked at some point in the past decade and your data is already out there. The site will tell you which breaches you have been affected by.
Troy wrote an awesome blog post yesterday that I think is a message that I’d really like to get out into the WordPress community. I’m going to give you the cliff notes here with my comments, and then suggest that you head over to his blog to read the full post.
All of us WordPress site owners are targets, even if we don’t collect credit cards, even if we don’t capture and store user data and even if we just have a plain old static website. The reason is because our websites have a clean reputation. Notice I’m not using the word ‘good’. You don’t even have to be popular, you just have to be ‘clean’ for a hacker to be able to use your site. If your site is not blacklisted by Google’s Safe Browsing list or any other blacklist, then you are ‘clean’.
Hackers want to gain access to your site so that they can host their own malicious content. In Troy’s post he provides plenty of examples of hackers hosting phishing pages to try and capture user credentials as part of a phishing campaign. He includes hacked WordPress websites in his examples.
So the next time you’re at a WordCamp, on a WP forum or chatting about WordPress in the community, let your friends know that even if you don’t have valuable data or capture credit cards, you are a target because hackers want to exploit your website’s reputation. Make sure you have a great firewall, like Wordfence, installed, learn how to secure your WordPress site, stay up to date on the newest WordPress security news and make sure you take security seriously.
Now head on over to Troy’s blog and read the full post where he provides examples showing how ordinary sites are being exploited by hackers for their reputation. You can also follow him on Twitter.
Comments
12:39 am
Stop scaring me with hackers! :D But I know, you will delete this comment anyway :)
12:47 am
If hackers were like boogeymen, I'd agree with you. The trouble is that the boogeyman is just a scary story. Hackers exist and do harm constantly. So this is less like a scary bed time story and more like great advice if you plan on staying safe in the real world.
It's late here, so I have boogeymen on the mind I guess. :-)
7:42 am
My understanding is that an updated and running wordFence does the job.
Right?
11:51 am
Correct.
12:48 am
That being said, you hear about porn sites with malware all the time and they certainly ain't clean :D
1:12 am
Really interesting post. Fascinating insight and rather worrying. Sometimes I think that a bit more ignorance would be bliss ...
The question is of course: How do we actually know that we are not hosting anything that should not be there?
The page examples in Troy Hunt’s post are basically just a bit of content and a link and therefore not particularly suspicious in themselves, apart from the sites they link to.
I am using the paid version of Wordfence on my site and I think that I am well protected. But am I really? A rather innocent seeming page, Wordfence would not flag this as suspicious, would it?
1:19 am
Wordfence protects you by installing a firewall that will prevent you from being compromised. The malware scan and vulnerability detection capabilities will let you know if you have a security issue or if you have been hacked. It does an excellent job of protecting your site from being hacked or being exploited in exactly this way.
1:21 am
That is a tragedy, and fun at the same time. I read Troys article, and can see that people/siteowners just don't get it.
They are probably all dilligently managing their personal reputations all the time, but when it comes to a website - nahhhh.
Ha ha ha.
1:29 am
Absolutely. Checking users actions can signal their intentions, which of course will help to make appropriate action about them. Thanks for sharing.
2:40 am
wow..you guys are doing great to ensure our websites are safe from hackers...i am very glad wordfence has got my back.
4:42 am
I also read Troy's post and it surely was a good read, too. Thanks!
2:56 pm
my site was having continuous admin log in attempts and comments span, because i was out sourcing the work to fiverr. had to scrap the site and start again. Since then i have done all the work myself and have not had security problems.