Wordpress Hacked
90% Of All Hacked Websites Are Wordpress
Approximately ninety percent of all the hacked websites Sucuri investigated in 2018 were WordPress sites despite Wordpress accounting for only 33% of websites online. In a distant second, third, and fourth came Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent).
This is not entirely surprising as hacking is a business and hackers are looking for the best ROI for their business so it makes sense that they would focus most if not all of their efforts attacking the most popular platform. After all, if a hacker can find a backdoor into Wordpress they have access to 33% of the market place so why waste time on another platform that has say 6% market share.
Does this mean that Wordpress is inherently insecure? No, it just means more people are trying to break into Wordpress sites than other platforms which in turn means that Wordpress site owners have to be extra vigilant in protecting their websites.
The biggest cause of hacked websites is running an out of date CMS (Wordpress, Drupal, Joomla etc) or having out of date plugins. When a secuirty patch is released for a CMS, the first thing hackers will do is reverse engineer that patch to find the vulnerability it fixes. They can then start attacking all of the sites that have not been updated. It is essential that you update your website as soon as a security patch has been released.
The second most common cause of hacking is outdated or poorly maintained plugins. If you have plugins on your website that have not had updates issued in the last year, chances are the developer is not maintaining it. It is hard to know if that plugin is at risk but you can install a security plugin such as Wordfence or iThemes Secuirty to monitor for securtiy issues and malware.
Websites With Purpose offers a Wordpress and Joomla updating system to keep your site software and plugins up to date for a low monthly fee. Call us on 0414 909 759 to discuss.