We have written before about the importance of properly securing your WordPress website. According to a recent post on the WordFence blog, the Mossack Fonseca breach, commonly known as the “Panama Papers,” was apparently made possible by an unpatched WordPress plugin, and also a mail program that stored user credentials in plaintext..
This again reiterates the importance of keeping your WordPress version up to date (version 4.5 as of 4-16-2016), as well as updates the plugins and themes associated with your site files. I also recommend keeping your site files backed up with a plugin such as Backup WordPress or Updraft, and keeping it all secure with a security plugin like WordFence.
So if you are keeping any sort of client or employee information on your website, and don’t want to see it stolen, sold, or exposed like this, this is something you need to take care of today.
- WordFence Blog – plugin problems
- WordFence Blog – stored plaintext passwords problem
- WyzGuys – How to Secure WordPress
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com