WordPress has had its fair share of security flaws over the years. Arguably more than any other mainstream platform. A quick search of ‘wordpress’ at the National Vulnerability Database returns over 1,100 published vulnerabilities as old as 2004 and several as recent as this month. Despite all of the security issues, WordPress is a highly-popular platform for businesses and individuals alike to create their online presence.
There are a lot of plug-ins and related resources to help with WordPress resources but there’s one that I’m familiar with that you might want to check out. They’re available through WP White Security – a company run by my colleague and web security expert Robert Abela. He not only offers WordPress security consulting services around hardening, malware removal, and the like but more importantly (from a proactive security point-of-view at least) plug-ins that you can use to lock down your web presence and keep it in check called WP Security Audit Log.
I’ve been thinking of using WordPress to host a website but I’ve held off because of the security flaws that come with it if it’s not proactively maintained and monitored. Tools such as WP Security Audit Log are the only way to go outside of a managed security service to ensure your website is not exploited for ill-gotten gains. If you host your own WordPress website and you’re not a technical person, then something like this is an absolute no-brainer. I’ve been telling Robert for a couple of years now that I was going to write a blog post to share his offerings with my audience. I’m guessing I could’ve helped prevent untold exploits and breaches had I done it sooner! I hope you find it beneficial nonetheless.
One final thing – another good practice that’s often required by law or contract – if anything, common sense – is to run periodic web vulnerability scans to check for common vulnerabilities that can create problems for your website and, ultimately, your business. Better to be safe than sorry…
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”