There’s a flurry of reports on the internet about potential WordPress threats and attacks if you haven’t yet upgraded to the latest release of WordPress 2.5.
If you are still running WordPress 2.3.2 and below then your website is at grave risk. From what I could make out after a couple of minutes of browsing various security websites, all the experts are saying this thing in unison – Upgrade ASAP.
What kind of vulnerabilities are we looking at here and how do you know you are a victim of this security breach.
Find Out If Your Blog Has Been Compromised –
Eventually, the purpose of the spammers and hackers is to insert links in your website which would either eventually get crawled by the Search Engine bots and increase their rankings or your website visitors might click on these links consequentially generating revenue for the spammers and hackers.
Usually, the web admin gets suspicious when the website gets black listed by the Search Engine and consequentially the search traffic directed to the website totally drops. That raises a red flag for every webmaster worth his/her salt.
You certainly would like to know before this happens. But the key is, spammers and hackers take enough precaution that it makes your job wee bit harder. You won’t know at first glance that the website has been compromised because these insertions would be invisible to casual observation.
One way to find out a suspicious link is, using the Firefox browser click on Tools >> Page Info and then click on links. This would display all the links emanating from your website. Scan them for any suspicious link which you think should not be there. If you see any, this means your website has been compromised.
Impact Of Not Upgrading:
If you are running 2.3.2 or below version of WordPress, then Technorati is not going to index your blog anymore. This is because of the high propensity of fraud that has been witnessed in these blogs. The spammers by insert a piece of code by exploiting a vulnerability, are also eventually putting the various search engines from Tehnorati, Google, Yahoo etc are at risk by skewing their search results. Hence this step from Technorati.
If you have a version prior to 2.3.3 then you are at a higher risk of getting your website/blog compromised. Older versions have security holes and breaching them is becoming all to common among the hackers who insert their own snippet of code and earn affiliate cash through it. In most cases, the website admin is not even aware of the breach because of the stealth manner in which the whole operation is carried out.
This exercise is akin to daylight mugging and you want to avoid it at all cost.
Due to these concerns, you should make a plan to upgrade your WordPress driven website as soon as possible if you haven’t already done so.