Extreme Wordpress vulnerability
Reportedly, 50,000+ WordPress websites have been hacked.
Our support team here at WA provides our security and is probably on top of this but it is extremely important to upgrade to the current version of WordPress (4.7.2). For good measure I installed a PlugIn called "Disable Rest API." The plug in disables those features within REST that allow external access. This is extremely important for all of us that have WP sites hosted at other than WA. If you want to read a more in depth article about REST and this vulnerability check out https://blogs.akamai.com/2017/02/wordpress-web-api-vulnerability.html
Recent Comments
7
It's always important to keep WordPress and your plugins and themes up to date. Most updates are for security reasons. Updates Update, Update, Update - Security Alert Thanks for helping spread the word Bill.
I have updated all my sites directly, Question: I have API plugins from affiliate sites, is that what they mean?
REST was incorporated into WP about a year ago. It allows designers to control remote computers and does a lot of other stuff I don't fully understand. This warning applies only to REST and the recommendation is to block external computer access because hackers can use that feather to easily gain control of your posts and pages and mess with them. While protecting your site manually takes some skill, the DISABLE REST API will take care of the problem for you. The article I referenced will probably tell you a lot more than you want to know. It is pretty technical.
I checked the article, and exit soon after. Rather technical. It reminds me of the quotation, 'If you cannot explain it simply, then you don't understand it enough'. If you update to the latest wordpress, I believe this should be okay. Too many plugin slows down one's site anyway.
See more comments
Thanks for the heads up.