Hotpink Websites

Websites with Business and Marketing Tools Built-in

  • HOME
  • About
    • Online Marketing and Why It’s Still A Mystery
    • Google’s Mobile Changes will affect you
    • FAQ
    • Website Treasure Map
    • IntegraPay – The way businesses get paid
  • Testimonials
    • Testimonials with Video
    • Our Work
    • Examples of our work
    • Add your testimonial here
    • Refer your Friends and Colleagues to Hotpink Websites
    • More Testimonials
    • from our Youtube Channel
  • Blog
    • – – – Keystone Articles – – –
    • Hot Business Tips
      • Business Mastery Tips
      • Business Networking Tips
      • Business Systems
      • Business Tips
      • Tips N Tricks
    • Backups & Recovery
    • Cheap is not Cheap
    • Domains
    • Inbound Marketing
    • Getting Sales
      • email Marketing
      • Get More Customers
      • Raving Fans
      • Sales
    • Wealth Dynamics Profiles
    • 3 Steps to Start a Successful Web Design Business
  • Offers
    • Tradies Want More Business Without Having To Compete For It?
    • 5 Easy Things to Fix On Your Website this week to Increase Sales
    • Online Marketing and Why It’s Still A Mystery – (video)
    • Website Rescue – Quick Review
    • IntegraPay – The way businesses get paid
    • Domain Registration
  • Contact Us
    • Make your Website Enquiry here
    • New Website Consultation
    • Make a general booking
    • Refer your Friends and Colleagues to Hotpink Websites
    • CLIENT LOGIN
  • Get a Website
    • Get a Website
    • Online Marketing Mystery
    • New Website Consultation
    • Shift to Hotpink Websites
    • Register Your Domain Name

24 Apr 2013

Warning to WordPress website owners

By now you’ve probably heard of the Warning to WordPress website owners.

I hadn’t published anything about this, because our clients websites are already secure.

We already change many of the “standard” things about WordPress to prevent these problems from happening to our clients.

For example . . .

Wordpress
WordPress (Photo credit: Huasonic)

(and this gets a bit “techy” so I will try to explain simply) . . .

The WordPress database tables, (the files where your website information is stored), are installed with standard names which makes them very easy to find and hack, (change or corrupt).

So, one of our standard procedures when setting up a new website is to change these names to something meaningful to us, but a bit more random.

This stops the hacker from guessing the file names and being able to access them.

Now, back to the current threat.

The problem arose because people use standard login names on their website . . . such as “admin” . . . and common passwords.

Essentially . . . the hackers have released “bots” or computer program robots that are attempting to login to a website thousands of times with the userid of “admin” and a range of commonly used passwords.

They are doing this by “brute force”.  In other words, making thousands of attempts to log in to websites.

Even though these may be unsuccessful, they could have the effect of slowing down your website response times.

And quite often, this random approach is yielding a successful login access to the website because the website owner has:

  • used a userid of “admin”
  • been lazy with their password choice

So if you do either of these on your WordPress website, you should immediately:

  • change the “admin” userid, and/or
  • reset the password to something totally random that the robots will not easily guess, like “1jhrs93-$%GH”
  • make sure your website has the latest version of WordPress
  • take a full backup of your website, (you should regularly do this anyway)

 

English: Gen. Douglas MacArthur wades ashore d...
English: Gen. Douglas MacArthur wades ashore during initial landings at Leyte, Philippine Islands. Français : Le général Douglas MacArthur marche vers la rive durant le débarquement à Leyte, dans les Philippines. (Photo credit: Wikipedia)

These steps will put you ahead of 99% of the websites out there, (which is why our clients have not had this problem), and then you will probably never have this problem either.

If you are managing your own websites, the WordPress codex website has a good article on improving the security of your website:

http://codex.wordpress.org/Hardening_WordPress

You can read more about these attacks here:

http://ithemes.com/2013/04/15/ongoing-wordpress-attacks-details-and-solutions/

In particular, take note of the list of common or easy-to-guess passwords that the robots are getting most success with:

  • admin
  • admin123
  • 123456
  • 123123
  • 123456789
  • password
  • 1234
  • root
  • 1234567
  • 12345
  • qwerty
  • welcome
  • pass
  • abc123
  • 12345678
  • 1111
  • test
  • monkey
  • iloveyou
  • dragon
  • demo

 

Well, that is quite simple really!

.

What should you do now?

  1. Change your username and password
  2. Upgrade your WordPress version
  3. Do a website backup
  4. Want some help or ideas? Just contact us at Hotpink Websites now.

.

Quote

There is no security on this earth; there is only opportunity.
~ Douglas MacArthur

Remember – Warning to WordPress website owners

.

Related articles
  • WordPress Sites Under Botnet Attack: Keep Your Site Secure
  • WordPress: Under Attack
  • WordPress, Joomla websites hit by major hacker attack
  • Recently got hacked on WordPress
  • Wide-scale attack against WordPress blogs reported – Computerworld
  • WordPress hit by massive botnet: Worse to come, experts warn
  • How To Put Your Shields Up To Protect Your WordPress Site
  • WordPress Site Hacked 2013: Massive Botnet Targets ‘Admin’ Username, More to Come
  • Is your WordPress website secure?

Share this with your friends:

  • Facebook
  • Twitter
  • LinkedIn
  • Pinterest
  • Email
  • Print
  • More
  • Reddit
  • Tumblr
  • Pocket
  • Skype

Related

‘What is it that you want to achieve,
and how can we help you achieve it?’

Contact Us Now

Want to find out how you can improve your results?
Talk to one of our marketing experts!

Online Marketing and Why It’s Still A Mystery

Get more things like this direct to your inbox.

Related

Written by hotpink · Read more in these Categories: Add to Latest Posts Newsletter, Backups & Recovery, Security · Tagged: How to update your website, password, Security, wordpress

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Find us on Social Media

Facebook Twitter LinkedIn YouTube Google+ Pinterest

Why You Should Add a Hello Bar to Your WordPress Website and How To Do It

Survey Finds Traffic Generation As Top SEO Goal in 2016 | KoMarketing

Online Marketing and Why It’s Still A Mystery

LIMITED OFFER: Claim Your FREE Online Marketing Accelerator Session and Fast Track Your … [Read More...]

Make your Website Enquiry here . . .

I love working with business owners and success strategies that often include websites.  It is very satisfying to be working as part of a team to bring a vision to life. I give my all to these … [Read More...]

Video Testimonial

See More Testimonials Here

See More Testimonials with Video Here

Tradies Want More Business Without Having To Compete For It?

Attention Tradesmen - Want More Business Without Having To Compete For It

Google begins mobile-first indexing, using mobile content for all search rankings

Do you have trouble remembering passwords

5 Easy Things to Fix On Your Website this week to Increase Sales

Google’s Mobile Changes will affect you

All you needed was a business card

Beyond Google Calendar and Apple Calendar: The 18 Best Apps to Manage Your Schedule

Recent Posts

  • Guest post: 8 steps to protect your website
  • 7 Easy Questions That Will Tell You If Your Content Marketing Is Working
  • Four Ways To Improve Your Millennial Marketing Strategies – B&T
  • 10 surefire ways to crush your rivals on Facebook
  • 10 Tips for Getting the Most Out of Your Marketing Efforts

Review Posts from Our Archives

Choose from these subjects

Keystone Articles

Tradies Want More Business Without Having To Compete For It?

The importance of having a website

How to Showcase your Business Premises with 360 degree photography

Survey Finds Traffic Generation As Top SEO Goal in 2016 | KoMarketing

Google begins mobile-first indexing, using mobile content for all search rankings

Search Our Website

Credentials

Check out Credentials, Testimonials and History in LinkedIN

Connect with me on LInkedIN tp

https://www.linkedin.com/in/philip-krieg-5930b12

hub spot certification

wpe-badge-200

SEA biglogo-big50

How can I help You?

philipkrieg-300x2681Please let me know how I can help you on this quick form.

Or, CLICK HERE if you need a new website — Website Enquiry.

  • This field is for validation purposes and should be left unchanged.

 

Related

© 2015 All Rights Reserved · The Hotpink Foundation · Hotpink Websites
TreeTops Plaza Suite 2013, 3/6 Classic Way, Burleigh Waters, Queensland 4220 Australia

The following are copyright and trademarks of The Hotpink Foundation: the words Hotpink, Hotpink Websites, Hotpink Foundation, Website Rescue, Website Autopsy, SEO Made Simple, SEO Micro Sites, Get Your Google Places, Instant Contact, Website Presenter Graphics – the Hotpink Websites logo, the Hotpink Flame Icon, the Hotpink colour #ff0066

Information on this website is general in nature, is the opinion of the author and does not constitute advice.
You acknowledge that you should consult an appropriate professional for specific advice relevant to your situation.
We may receive affiliate payments from services mentioned on this site.  We use and recommend FreeFoto.com

General Terms and Conditions – Privacy Policy

Social Enterprise, (charitable giving)

We proudly support B1G1.

We proudly support the Beyond 4000 Foundation – Building Better Communities.

 

Related

Copyright 2009-2019 · Website by Hotpink Websites · Gold Coast Web Design Company · Log in

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.