Just How Safe Are WordPress Sites?
With so many people in the world using WordPress to host their own personal blogs and business sites the question about how secure these sites are has been growing in recent months, especially after attacks aimed at WordPress have become more common place. But just how safe is a WordPress site, well according to the experts, it depends on how you are using it.
Security experts High-Tech Bridge told betanews that WordPress sites have come a long way over the years as more and more people choose to use them as their primary way to create web content.
WordPress sites used to be the domain of personal bloggers but the ease of the sites and possibilities for multiple access rights has meant that even large companies are getting in on the action and using WordPress which has meant that the platform has become more of a target for hackers.
The main security issue for High Tech Bridge is not WordPress itself but the third party plug ins and extensions that many people use to develop their site further.
Ilia Kolochenko, the CEO of High-Tech Bridge told betanews: “For upwards of a decade the major CMS platforms such as Joomla and WordPress have been deeply researched by both black and white hat hackers. In the early days SQL injections and code execution flaws were commonplace. In fact, around 90 percent of websites were vulnerable to critical-risk attacks permitting to take control over the website remotely within a dozen of minutes”.
In conclusion Ilia Kolochenko says: “I would say that a popular CMS, such as WordPress or Joomla may be considered secure in default installation if they are properly configured, don’t have third-party code and are up to date”.
The problem with this is that most sites on WordPress run with plugins and there is no telling from the point of view of an average user, just how skilled the coder was who put the plugin together or how well protected from attack the plugin may be.
Realistically any WordPress user who is looking to keep their site as secure as possible should only use plugins that they really need and should disable any others that they are not using. Users should also always update all software and look out for security notifications from WordPress who are constantly working to keep security levels as high as possible.
The only way to be as safe as possible is to have no plugins or third party apps working on your site but that will probably mean that you won’t have any visitors either!