RP AXIS recently was hired by Music Works Inc to investigate a WordPress website they had built. We found a few problems with the WordPress install so we were requested to act fairly quickly and solve the problem. Due to the time constraint we decided to code the website from scratch and remove the unmaintained WordPress build. The website can be found at http://www.gomusicworks.com. Continue reading to find out why a WordPress powered website raises security concerns.
The 5 most common security issues with WordPress are Brute Force Attacks, File Inclusion Exploits, SQL Injections, Cross-Site Scripting (XSS) AND Malware. In the case of http://www.gomusicworks.com it was a Malware attack. Simply put a Malware was injected into the websites files. The most common reason for these security issues is because the client does not realize that someone needs to update WordPress, the Plugins and the Theme on a fairly consistent basis.
The most common reasons why customers use WordPress is because of Search Engine Optimization, the low costs associated and the speed factor in getting a website live. Once the site begins to gain success the website will become a target for Malicious attacks. If the WordPress is not maintained on a weekly/monthly basis the same that happened to http://gomusicworks.com will happen to you. RP AXIS is a web design company located on Long Island and has been contracted by 100's of customers in the New York area to clean up and transfer WordPress websites to core PHP since 2002.