During a routine audit, we found a critical vulnerability affecting the popular MainWP Child WordPress plugin. According to worpdress.org, it is installed on more than 90,000 WordPress sites as as remote administration tool.
This vulnerability allows anyone to login as an administrator only by knowing the target user’s handle, which is a password bypass. It is very simple to exploit and because security tools like WPScan already automate the process of grabbing a list of usernames from WordPress sites, it’s a big issue.
Clients using our Website Firewall are already protected against this issue.
Contact us for further information about this low cost security protection for your website. For  less than the price of a cup of coffee per working day, can you afford to be without Website Firewall?
 

Most website hacks come from insecure code being exploited. The attack code is hidden within the millions of lines of code that make up your website. When a security flaw becomes known, all vulnerable websites can be compromised within a very short time frame.

You need robust defenses to prevent hackers from infecting your website. By taking away the methods used to crack your insecure code, the malware attackers attempts become useless. Eliminate all website security vulnerabilities and replace them with a blocking page for anyone who dares to exploit them.

For  less than the price of a cup of coffee per working day, can you afford to be without Website Firewall?

Malware and hacking is a real threat – with 87% of small businesses hit by denial-of-service attacks in the last year.

(source http://www.pwc.co.uk/assets/pdf/cyber-security-2013-technical-report.pdf)

Make sure you use the following 7 preventative measures:
1. Change your FTP (or SSH) password regularly.
2. Change your administrator password.
3. Check in your admin panel if there are additional admin users and change their passwords as well.
4. Remove any admin access that is not necessary.
5. Run regular virus scans on your personal desktop/laptop.
6. Update your website! One of the leading causes of infections is outdated software.
7. Backup your site!

We copy your website and database on a regular basis and host it away from your server. The copies (the latest 3 are kept) are stored on our secured server and also on a cloud based platform with secured and limited access.
Access can be given to your team, your hosting provider and also your website developer. Because the copies are on the cloud, they are available 24/7.
This means that no matter what, your website can be recovered.
In some cases, it is so imperative that a site remains live, that it may be wise to host a mirrored version of your site for almost instant accessibility.
We just need FTP access or in some instances, admin access – a full audit of your website will be assessed before we take your order!
Call us now on 01604 328899 to discuss the options available to you.