WordPress accounted for 90 percent of all hacked CMS sites in 2018

Discussion in 'other security issues & news' started by mood, Mar 5, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    40,390
    WordPress accounted for 90 percent of all hacked CMS sites in 2018
    Backdoors found on two-thirds of all hacked sites, SEO spam on half
    March 5, 2019

    https://www.zdnet.com/article/wordpress-accounted-for-90-percent-of-all-hacked-cms-sites-in-2018/
    Website Hack Trend Report 2018 (PDF - 1.49 MB): https://sucuri.net/reports/19-sucuri-2018-hacked-report.pdf
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    So this is a surprise?
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    40,390
    13 Reasons Why WordPress Hacks are Successful
    June 25, 2019
    https://www.tripwire.com/state-of-s...ection/13-reasons-wordpress-hacks-successful/
    1. Minimal or no WordPress maintenance (not updating core, plugin, and themes).
    2. Not backing up the database and files.
    3. Lack of malware checks, security scans, security plugins (or services) and security monitoring.
    4. Failure to limit login attempts.
    5. Failure to use sitewide SSL.
    6. The use of weak passwords.
    7. Using the default user admin account instead of using a custom name.
    8. Adding too many admins (use caution when giving user privileges).
    9. Not using two-factor authentication (2FA).
    10. Using plugins and themes from untrustworthy sources.
    11. Failure to use the latest PHP version.
    12. Failure to use a firewall.
    13. Using “cheap” low quality or shared hosting.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.