Web Savvy Marketers

  • About
  • Services
    • Strategic Planning
    • Marketing Programs
    • Full-Service Web Design and Development
    • Content Marketing
  • Industry
  • Portfolio
  • Blog
    • Tools & Tips
      • Google Tips
      • Internet Scams
      • Motivational
      • Tips for a good website
      • Website Writing Tips
    • Marketing
      • Internet Marketing 101
      • Philanthropy
      • Search Engine Optimization (SEO)
      • Social Media
      • Web design/Internet Marketing
    • Web Design
      • E-commerce
      • Website Maintenance
  • Contact Us
You are here: Home / Tools & Tips / Internet Scams / How To Prevent Zombie Hack of Your WordPress Site

How To Prevent Zombie Hack of Your WordPress Site

May 16, 2013 Beth Devine

Hackers seek out WordPressWhen you’re the most popular system out there, you’re bound to be singled out and attacked by jealous rivals. Just look at Microsoft and Google. The jealous underdog, Microsoft, even launched a Scroogled campaign in an attempt to undermine their arch nemesis, Google, the clear favorite.

Hackers Seek Out WordPress Sites to Build Zombie Army

WordPress is an obvious target by web-surfing culprits, with over 65 million users around the world. The crime campaign of recent brute force attacks against WordPress sites is a sign that a jealous rival has resorted to subterfuge.

The password-guessing nature of these attacks means the perpetrators are scanning the Internet for WordPress installations and attempting to log in using a list of over 1,000 password and username combinations, infecting over 90,000 IP addresses in its recent campaign.

“The attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” Cloudflare CEO Matthew Prince wrote in his blog post.

In other words, they are trying to build an army of zombies for future use in a cyber attack.

3 Things To Do Now

As a WordPress site owner, this means taking preventive action against becoming infected with a zombie-building virus. Take the advice of WordPress creator, Matt Mullenweg, and make three strategic moves to prevent hack of your WordPress site.

1. Change your password

There are several ways to change your password. The easiest way is to go to your WordPress dashboard and click on “Users” in your toolbar. Next, click on “Your Profile” and scroll down to the About Yourself section and enter in your new password.

You can also access your profile by hovering over your name in the top right corner and clicking on “Edit My Profile.”

The password strength indicator will tell you when you’ve found a strong password. Check out WordPress tips to selecting a strong password, which includes what not to do when choosing a password.

2. If your username is “admin,” or a suspect on the hacker list, change that too.

Most of you probably chose something other than “admin” when creating your profile. However, if you have “admin” or a common variant (i.e., adm, admin1, administrator, manager, qwerty, root, test, support, user), change it immediately.

If your username is the name you commonly use on your blog or website, changing it is advised. Remember, changing your username is half of your site security.

Here’s the list of the username/passwords that the hackers used in the recent brute force attack. Nothing like a glimpse into the mind of a cyber criminal, if this does indeed offer one.

For a simple step-by-step to changing your username, go here.

3. Keep your WordPress site and all plugins updated.

You know that little number that pops up next to the plugins on your dashboard? That’s the number of plugins that needs updating at any given time.

Before updating a plugin, check to see that the new version is compatible with your theme by clicking on “View version details.” Then update one plugin at a time, checking on a separate tab to see that your website is still functioning with the reload button.

Doing a website backup is another wise step before updating plugins.

If this sounds neurotic to you, then you haven’t experienced website failure from plugin conflict. If your site does go down, you’ll need to deactivate the plugin. If you can’t access your site to do this, you’ll need to go through your FTP (File Transfer Protocol).

Regular plugin updates are very important in keeping malware and hackers from finding a weak link in your site. Out-of-date and old plugins have been updated for a reason, and hanging onto them is an invitation for hackers to wrangle their way in.

If you are a Web Savvy client, call us, or call your Web hosting company to help you.

If your WordPress site has already been hacked, check with your hosting provider.

Flickr photo from Gabriel GM

Filed Under: Internet Scams, Kacee's Posts, Tips for a good website, Website Maintenance

Recent Posts

  • Is Sustainability Part of Your Plan?
  • Preferred Utilities
  • Post Pandemic Workplace Design
  • A Review of 2022 as We Look to 2023
  • “Neurodiverse” Doesn’t Equal “Disabled”

Search this site

Call Us

860-432-8756

Our Location

222 Pitkin Street, Suite 125
East Hartford, CT 06108
Phone: 860-432-8756

Services

  • Marketing Services
  • Strategic Planning
  • Internet Marketing
  • Multi-Media Productions
  • Marketing Programs

Talk to Us

Follow us, subscribe to us, email us, or call us at 860-432-8756. We’ll use our Super Savvy Tool Belt to stay in touch however you prefer.

  • Email
  • Facebook
  • Google+
  • LinkedIn
  • Pinterest
  • Twitter
Sign Up for Email Updates
For Email Marketing you can trust.

Copyright © 2023 Web Savvy Marketers, LLC · 222 Pitkin Street, Ste. 125 · East Hartford, CT 06108 · 860-432-8756 · Privacy Policy · Log in