It is urgent that you make sure your WordPress installation is protected from attacks.
We have recently seen attacks against two different clients who use WordPress. These clients are unrelated, and their sites are not hosted in the same location, or even using the same provider. Therefore, we do not believe that the attacks are related.
However, it is urgent that you make sure your WordPress installation is protected from such attacks. We urge all CHCS clients to take the following steps immediately.
- Change the passwords for all WordPress users. Make sure that the new passwords are strong.
- Update WordPress to the latest version.
- Update all WordPress plugins that you may be using.
- Make sure that you have installed and set up the Better WP Security plugin.
- Make sure that you have installed and set up a cache plugin. Use either WP Super Cache (setup instructions) or W3 Total Cache (setup instructions).
We believe that WordPress is a good platform and a useful one, but its popularity makes it a tempting target for hackers. Therefore, it is imperative that all CHCS clients using WordPress maintain tight security on their sites at all times. As always, feel free to contact CHCS if you have any questions.