A security flaw in the WordPress blogging software has let hackers attack and deface tens of thousands of sites.
One estimate suggests more than 1.5 million pages on blogs have been defaced.
The security firm that found the vulnerability said some hackers were now trying to use it to take over sites rather than just spoil pages.
WordPress urged site owners to update software to avoid falling victim.
More than a million pages have been defaced by hackers exploiting the bug, say security experts.
WordPress 3.5 enables XML-RPC by default. This simple guide will show you how to disable XML-RPC in WordPress using a code snippet or a plugin.
Htaccess content to block XML-RPC
# Block WordPress xmlrpc.php requests <Files xmlrpc.php> order deny,allow deny from all allow from 220.127.116.11 </Files>
The internet of things is integral to smart urban transport systems, but all this data needs to be stored in the cloud. What are the security implications?
Nearly all of us have had spam emails from a business that have had one or more Email accounts or their website hacked and normally we ignore it and add it to our Email clients spam list and that’s the end of it. But what does this mean to the business ? They have just lost clients permanently.
So how do business prevent such disastrous events ?
- Every PC, Laptop, Tablet and Phone should have an active anti virus installed.
- You Email domain needs to have some kind of SPAM filtering so that your users do not click on an infected Email, for a small business this can normally be done via the anti virus application.
- Unless your web site is static you must ensure that the web design company or individual provide regular updates to the base code and web hosting package you have, if they don’t do this don’t use them and find a more professional company.
- Ensure that your hosting account has very strong passwords, such as your control panel, FTP account and Email accounts.
- When an employee leaves your business change every password they might have known !
- Monitor Email blacklists to see if you have been included, your web design company should do this.
- Do not send SPAM.
- Add a SPF record to prevent anyone sending Email with your from Email address.
These are the basics but will prevent the multitude of attacks. It is better to do this now than loose customers remember TalkTalk and Vtech to name a few.
If you require assistance please contact us.