Warning to all WordPress admin users
- 23rd Apr 2013
WordPress is the most used content management system to date, powering over 64 million websites and counting. Studies show that around 17% of the world’s websites are powered by WordPress but why is it so popular? The easy to install platform is a hit with none web savvy users who can created blogs with ease. As well as being a hit with bloggers the free to use plug-ins allow for endless opportunities for the more adventurous and technical user.
With WordPress accounting for such a high percentage of worldwide sites, the amount of user accounts associated with the platform is beyond belief, but how many are vulnerable to being hacked?
By default the username of a newly created WordPress account is set to ‘admin,’ many users keep these account details for one reason or another. Within the last week it’s been widely reported that there is an attack being launched on WordPress sites. Hackers are using brute-force to find the passwords for ‘admin’ accounts hosted on over 90,000 IP addresses.
We recommend all WordPress users change the username to something secure and memorable. Besides using a password containing a mixture of characters we also recommend installing security plug-ins which can restrict the number of failed log in attempts.
We have taken action to secure all WordPress sites under our control and have contacted the small number of site owners that were at risk, informing them of the situation and of any account changes that were made on their behalf.