Let me get this straight…. I love WordPress. I really think it’s the best all-round CMS, and so does the world, it seems. Statistics show it to power anything between 15 and 25% of the world’s websites and that’s not going away.
But with that popularity, there comes a small problem… that any vulnerability becomes an easy target for hackers. The latest attempts at exploitation reported by the BBC today are worrying. I feel some of the larger BotNet attacks on the world’s websites will soon be dwarfed by some really huge – off-the-scale ones… so hackers will exploit any vulnerabilities in popular software – and WordPress is certainly popular.
But perhaps the most worrying thing about this is it’s fundamentally down to crackable passwords. By repeatedly hammering the user name ‘admin’ and thousands upon thousands of password combinations, a bot will eventually crack its way in. By using the standard username ‘admin’, you may well be putting not only your site, but thousands of others at risk. Change it!