Why Are WordPress Pages Attacked & What Can Be Done?

Several years ago when I put up a WordPress page, it was attacked Constantly. Has the Internet, as much as it has changed because of Facebook and other social media sites, not changed much? Several years ago I published a blog using Wordpress. There wasn't any advertising on it - no Google ads or otherwise. It was just a personal site that grew in posts and number of visitors. Because it was Wordpress it was attacked continuously. I see by some of the threads here that type of thing still happens.

What I'm wondering is there anything a web host can do, or does, to monitor and prevent outgoing and incoming script attacks?

Comments

  • WordPress is one of the most popular platforms out there so obviously they will be a huge target for attackers. It worries me that they are yet to strengthen their security well enough to the point where they would be immune to such attacks.

    Thanked by [2] : Merkin DeluxeNames
  • MerkinMerkin Shared Hoster

    @Mildred said:
    WordPress is one of the most popular platforms out there so obviously they will be a huge target for attackers. It worries me that they are yet to strengthen their security well enough to the point where they would be immune to such attacks.

    Thanks @Mildred

  • abytecuriousabytecurious Shared Hoster

    Like @Mildred said, Wordpress is very popular. There are hordes of people looking for exploits in Wordpress. Why do they do it? Basically, the open nature of the platform to allow themes and plugins to be developed and distributed without any sort of security review makes it an easy target. The base platform is strong and secure, but installing plugins and themes from anyone exposes the site to attacks.

    It is like saying, you lock your front door but keep adding new windows to your house without checking if the windows have locks. I was an avid WP fan, but have moved to regular HTML and simple PHP frameworks for building regular websites. Not everything needs Wordpress (like landing pages, simple product pages).

    Thanked by [1] : DeluxeNames
  • MerkinMerkin Shared Hoster

    @abytecurious said:
    Like @Mildred said, Wordpress is very popular. There are hordes of people looking for exploits in Wordpress. Why do they do it? Basically, the open nature of the platform to allow themes and plugins to be developed and distributed without any sort of security review makes it an easy target. The base platform is strong and secure, but installing plugins and themes from anyone exposes the site to attacks.

    It is like saying, you lock your front door but keep adding new windows to your house without checking if the windows have locks. I was an avid WP fan, but have moved to regular HTML and simple PHP frameworks for building regular websites. Not everything needs Wordpress (like landing pages, simple product pages).

    A very excellent answer @abytecurious.
    With that advice, I think I will look for other options besides Wordpress.

    Thanked by [1] : abytecurious
  • cloudmatecloudmate NAT Warrior

    @Merkin said:
    Several years ago when I put up a WordPress page, it was attacked Constantly. Has the Internet, as much as it has changed because of Facebook and other social media sites, not changed much? Several years ago I published a blog using Wordpress. There wasn't any advertising on it - no Google ads or otherwise. It was just a personal site that grew in posts and number of visitors. Because it was Wordpress it was attacked continuously. I see by some of the threads here that type of thing still happens.

    What I'm wondering is there anything a web host can do, or does, to monitor and prevent outgoing and incoming script attacks?

    I am going you a Direct Method to Secure Wordpress so that It never gets Attacked anyhow whatever method you use:
    1. Loginizer Plugin (For Protecting Bruteforce)
    2. .htaccess Custom Security Headers (For protection from Client-side manipulations)(Just check Here)
    3. Imunify360 (Should be on Server)(All Scripting Attacks defense)(Bots,DDOS,WAF,Injections,MySQL all-in-one protection)
    4. Any Firewall(like Wordfence) (For Protection from DOS)

    I Guarantee no one can crack this 4-layer protection. Though, It would be best if Hosting Provider has a Secured Server. It often happens that Server itself is compromised and Results in turn getting your site be the victim.

    Kind Regards

    Thanked by [1] : abytecurious

    Shared Hosting | VPS Servers | Dedicated Servers

    Ankesh Anand
    LHY Technologies
    CEO
    ankesh@cloudmate.in

Sign In or Register to comment.