Tech Stuff

Update Your Sites

In December, DHS published an extensive report on the hacks coming out of Russia that influenced the November Presidential election. Today, WordFence has done further analysis and discovered that some of the attack vectors came from unpatched WordPress sites.

The story focuses on one site (though there were more) running a plugin with a known vulnerability — which had been patched a year previously, but the site owner hadn’t run their updates.

And they still haven’t. The site remains vulnerable to SQL injection even now.

For heaven’s sake people, it’s basic maintenance. Every day log into your dashboard, look for the circular arrows in the top bar for available updates and run them.

It takes a minute.

Tom

Tom McGee has been building web sites since 1995, and blogging here since 2006. Currently a senior developer at Seton Hall University, he’s also a freelance web programmer and musician. Contact him if you have the need for a blog, web site, redesign or custom programming!

Leave a Reply

Your email address will not be published. Required fields are marked *