Digital Sales & Marketing Advisor, HubSpot Alumni, 8+ Years of Marketing & Business Development Experience
March 9th, 2020
According to a report from ZDNet, February 2020 saw a noticeable increase in hacking attempts on WordPress websites.
Given WordPress’ ubiquitous presence across the internet (36% of all websites are built on WordPress according to W3Techs), hackers have lots of opportunities to exploit weaknesses and extract valuable information.
Being an open-source system, WordPress always has and always will be vulnerable to these types of incidents. It’s the ultimate trade-off of a system designed to open itself to developers and users all over the world with a very low barrier of entry.
Individuals and businesses can build a robust website on the WordPress platform and utilize plugins developed for a wide variety of purposes, but maintaining those websites and especially the plugins is a labor-intensive, yet critically important, task.
So how do you know if your website is vulnerable to attack based off this information? It’s never a bad time to go into your WordPress setup and make sure all of your plugins are up to date — and if you’re not using a secure hosting platform like WP Engine, it’s also not a bad time to look into it.
WordPress plugins most at risk
ZDNet focused its report on eight popular plugins that are providing hackers the most opportunities; so if any of these are installed on your website, stop what you’re doing and go update them:
Modern Events Calendar is an events management plugin used for displaying events calendars on websites.
WordPress site security
At IMPACT, we often recommend the HubSpot CMS to our clients to avoid vulnerabilities created by WordPress plugins. That being said, HubSpot isn’t a viable option for every business’ CMS, so we develop dozens of websites on WordPress each year as well.
For any website we build on WordPress, we stipulate that our clients have to use WP Engine as their hosting platform to protect against attacks.
WP Engine offers security features such as monitoring plugins, ensuring any that are out of date are updated and notifying their customers of vulnerabilities as they emerge.