Posted by Alec on Wed, 02 Sep 2009, in Web Design Wordpress
I still remember the first time I started using Wordpress, that was not so long ago when the word 'blogging' started to appear on every media. Blogs have grown dramatically popular. Some blog for making pennies out of it, some blog for fun and variety reasons. Back in that time, there weren't many blogging platforms available, apart from those written as open source, such as Wordpress. It quickly became a hit year after year partly because of its simplicity of usage and free of charge.
Today, Wordpress community had grown bigger than it was and thousands and thousands of developers work on modules, pluggins and themes for it. However, security has always been a big issue for Wordpress powered sites and it seems to be one of the most common concerns for open sourced software. While wordpress powered blogs can be found almost everywhere on the Internet, it has quickly become a good spot for hackers and spam marketers to tack on.
The earliest trick of spamming on WP blogs was the annoying "spammy comments". Every blog post has the ability of enabling readers to leave comments. Many black hats saw this opportunity and used automated robot to post spammy comment on blogs crawled. These comments usually contained of links to their website or affiliated products and are usually irrelevant to the blog post's content, hence hurting the blog's status for organic search rankings.Developers had quickly realised this attack and later came out with a solution called, CAPTCHA, which is a technique enforcing comment authors to verify if they are real human by entering human readable only characters into a validated text field.
While this solved spammy comments for awhile, the new form of attacks on Wordpress blog has emerged. Recent years, many WP blogs have been attacked by hackers who hacked into their file systems and left malicious script on their template, which generated hidden links. What's even more scary is most of the time, the owner of these blogs are not aware of it because the links are hidden. The result of this is a dramatic decrease of website traffic, losing many high rankings from Google and possibly even blocked by Google.
As the Wordpress team are constantly developing and fixing security holes, Wordpress bloggers should always make sure their site is as safe as possible through the following checklist: