Why WordPress = Automatic Target

WordPress has the distinction of being the most frequently used open source blogging tool and CMS (Content Management System in the world. Drupal is another CMS that is very popular. You would think that's a good thing. If it's so popular I should use it too right? Well not so fast... read on to see why the most popular means the biggest target for attack.

A recently discovered vulnerability in both WordPress and Drupal sets up website owners for DOS (Denial of Service) attacks through incoming .xml files (details here).

Hackers, like anyone else want the most ROI or "BANG for their buck", just like anyone else. Therefore they tend to target opportunities where an exploit or weakness will have the most opportunities for damage. For instance most viruses and malware are targeted at the Windows platform since roughly 95% of us use Windows as our desktop operating system. So when Hackers look for weaknesses in websites... which platform do they target? You guessed it, WordPress. Because if they find a way in, they can get into LOTS of sites. According to WordPress.com "tens of thousands of new WordPress sites are created every day." Estimates put WordPress and Drupal powered sites at 23% of all Internet sites. Talk about opportunity!

Look at this another way... if a door lock company had a huge market share, and a "master key" was found that would open up all those locks. Would you want that lock on your house?

BANG! Web Site Design is a custom website development company. We write most of our own systems including the CMS system our clients use. So when hackers come knocking at our doors they can't get in. In fact we take down their IP address and put them on a blocklist so they can't do any damage in the future either. So if you want a secure website that doesn't have a "target painted on it's back", talk to us. We charge a little more than the guys using WordPress, but we are worth every penny.