WordPress Malware Protection
WordPress powers roughly 32% of the internet. Its widespread popularity is due to the fact that it’s easy to use and open-source (free). To put in perspective, as of January 2020 reports suggest that there are roughly 80 million WordPress websites on the web.
Because of it’s widespread use, critics commonly exclaim that it is a common target for hackers and malicious activity. Truth of the matter is, though, that any application that is publicly available on the web could be a potential target for hackers looking to cause trouble.
As WordPress gurus, we follow vulnerability and attack trends closely. In our own build stacks, we apply security hardening features to every website we build. Once a site is live, we run it through a series of weekly tests to ensure it is as secure as possible and secure against the latest known threats.
Attack Surface Testing
One of the best ways to keep your website’s security in order is to keep it’s attack surface as small as possible and regularly test it against known attack methods.
Before an attacker actually launches an attack on a website or application, they conduct reconnaissance. In other words, they spend time researching and gathering as much information on your site and server as possible in order to find points of intrusion or vulnerability. For WordPress, this includes things like identifying admin usernames, searching for plugin names, and testing for SQL injection
Therefore, the less information there is available on a website, the less of an appealing target it is.