What makes WordPress sites so vulnerable to "botnet" attacks?



Adam Groom, PHP developer, answered

There are currently 64,564,532 Wordpress sites in the world. So if a hacker can find a vulnerability in Wordpress then there are plenty of sites that could potentially be compromised.

Easy to setup

It's cheap and easy to get yourself a Wordpress site, and it requires very little IT experience to get your blog up and running. On the downside, lots of blogs are not patched up, are running old versions of Wordpress with known vulnerabilities, and are not set up with best practices in mind, making them an easy and plentiful target, and therefore perfect bot candidates.

Adam Groom commented
Fake users are common; these are probably just spammers. Just make sure you're running the latest version.
Jason Gregson commented
Most people do not care about or understand the underlying technology needed to create a secure space. If this is you, my advice would be not to host your own Wordpress (or any other site); use a SaaS provider and then you just have to worry about the content (not that this is a small issue ;o) ).

On the surface it would look like a more expensive proposition, but by the time you have added your time to secure the environment, keep the OS up to date as well as the application stack, it is cheaper to pay someone else to take this pain away.
Paul Airey commented
The fault with the most recent one was that when you install wordpress, it creates an administrator account called, simply, admin. This cannot be changed. That's 50% of the job done for the hacker, well, botnet. One (username) of two (username and password) variables is set, so it only needs to try various combinations of letters, numbers and symbols to get into the account and then the control panel.
What you need to do is create another account called whatever you want with the same administration privileges as the admin account and then delete the original admin account. Wordpress installations now choose your email address as the administrator user log in thus making them less vulnerable to an attack.
During the attack a few weeks ago I had about 20 site lockouts an hour over two days, all trying username "admin" and a password at random, and all IP addresses were in Peru. Thankfully I had changed the admin account as I describe above and my site wasn't hacked.
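The lockouts described in the comment above are visible in the web server's access log as bursts of POST requests to wp-login.php. The following is an added example, not code from the original post or from WordPress itself, that summarises such bursts from constructed sample log lines: it counts failed login attempts per IP (the heuristic that a failed WordPress login re-renders the form with HTTP 200 while a success redirects with 302 is an assumption about default behaviour) and also reports the site-wide total, since a botnet spread across many addresses may never trip a per-IP lockout.

```python
import re
from collections import Counter

# Apache/nginx "combined" access-log format; fields we do not need are skipped.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample: two IPs guessing passwords, one legitimate admin login.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2013:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
203.0.113.7 - - [10/Apr/2013:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
203.0.113.7 - - [10/Apr/2013:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
203.0.113.7 - - [10/Apr/2013:10:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
198.51.100.22 - - [10/Apr/2013:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
198.51.100.22 - - [10/Apr/2013:10:00:06 +0000] "POST /wp-login.php HTTP/1.1" 200 3821
192.0.2.9 - - [10/Apr/2013:10:00:07 +0000] "GET /2013/04/hello-world/ HTTP/1.1" 200 9120
192.0.2.9 - - [10/Apr/2013:10:00:08 +0000] "POST /wp-login.php HTTP/1.1" 302 0
192.0.2.9 - - [10/Apr/2013:10:00:09 +0000] "GET /wp-admin/ HTTP/1.1" 200 15000
"""

def login_attempts(log_text):
    """Yield (ip, status) for every POST to wp-login.php.

    Heuristic (assumed default WordPress behaviour): a failed login re-renders
    the form with HTTP 200, a successful one redirects (302) to wp-admin.
    The username tried is in the POST body, which access logs do not record.
    """
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and m["method"] == "POST" and m["path"].startswith("/wp-login.php"):
            yield m["ip"], int(m["status"])

def bruteforce_report(log_text, per_ip_threshold=3):
    """Summarise failed logins: noisy single IPs plus the site-wide picture.

    A distributed botnet spreads guesses across many IPs so no single address
    trips a per-IP lockout; the site-wide failure count still shows the attack.
    """
    failed = Counter()
    succeeded = set()
    for ip, status in login_attempts(log_text):
        if status == 302:
            succeeded.add(ip)
        else:
            failed[ip] += 1
    return {
        "noisy_ips": {ip: n for ip, n in failed.items() if n >= per_ip_threshold},
        "total_failed": sum(failed.values()),
        "distinct_failing_ips": len(failed),
        # An IP that succeeds after failing is worth a closer look.
        "success_after_failures": sorted(ip for ip in succeeded if failed[ip] > 0),
    }
```

Run it against a real access log by passing the file contents to bruteforce_report; the per-IP threshold should be tuned to the site's normal traffic.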
