Beware backend vulnerability

Beware backend vulnerability

At Thinker we’re pretty proud of our scalable web hosting platform. It’s interesting to see it do its thing and scale out multiple times a day, then scale back down again. Recently, we decided to drill down into the logs to find out what sort of access is causing sites to scale. To our dismay, a lot of this traffic is caused by other rogue sites repeatedly trying to hack into a site’s backend.

Our WordPress sites all are protected by a firewall, which will block an attack after a set number of failed logins. However, it may not protect against other types of attack, for instance against a known plugin vulnerability, and it only works with WordPress. We host a number of other Content Management Systems. Our view is that it’s vitally important to keep all dynamic content management sites updated and patched.

WordPress Core is a reasonably secure system, however, anyone can write a plugin and extend its core features. Those plugins may not be as secure as WordPress itself. Some may be insecure and abandoned by their developers, never to be repaired. When they are vulnerable, it may allow an attacking computer to inject data into the database. We took over hosting for a site and found an administrative user had been added and hidden, which was then used to deface the site and post dubious links to other sites.

Two of our hosted sites came to us because they had been defaced. It’s easier to protect and keep a site updated than it is to clean up a defaced site. This is one of the reasons we prefer to run a managed infrastructure, where a lot of the avenues used to traditionally break into a webserver are unavailable or locked down.

Two predecessors to the CMS crown, currently worn by WordPress, Drupal and Joomla still are in active development, however many sites hosted on these platforms were written more than five years ago and have been left static by their developers. Aside from not being very mobile-friendly and not filling the larger screen sizes we tend to use today, these are likely to be targeted by hackers trying to exploit a site. Wordfence, one of the authors of security software for WordPress, recently sent out an advisory that Drupal versions 7 and 8 had a serious remote code execution vulnerability. Although it is not known if this had been exploited, the way of exploiting those sites is now widely known. It’s imperative to upgrade any Drupal sites to newer versions of 7 or 8.

The biggest advantage of using a CMS (Content Management System) is that it’s easy to add content to your site. However, it’s imperative to keep working on the site, not just adding content to help your S.E.O. score, but also refreshing and updating your themes and plugins. Bear in mind that as people upgrade their PC’s, laptops and phones, the screen real estate they have available increases. A site that looked great at 1280×800 may look terrible on a 4K monitor.  Also take this opportunity to freshen up the graphics and look and feel of the site.

If you need help keeping on top of it, let us know. Thinker offers a variety of packages to keep your site secure and up to date, we also have a great team of developers and artists able to freshen up the look of a stale site.