VPS Hosting

If you use WordPress, you’re advised to change your passwords pronto thanks to a cross-site scripting vulnerability that was recently spotted by Future Hosting. The host offers virtual private server (VPS) hosting and dedicated hosting, and in January noticed that there was a vulnerability present in WordPress.org sites. While many WP users utilize the WordPress.com site, just to play it safe all users are recommended to switch up their passwords—plus, it’s a good idea to do so at regular intervals anyway.


Is your WP site safe?

Is your WP site safe?

If you don’t, cybercriminals might be able to use arbitrary code to target you. Any and all versions of WP up to 4.4.1 are at risk, according to Future Hosting (which is in charge of the majority of WP site hosting needs). Cross-scripting issues are one of the most common, as well as the most malicious. They’re especially common on sites that offer user-submitted content approaches (think blogs). It’s due to input that isn’t properly “cleansed,” and all it takes is a little dangerous JavaScript coding on a single page.

Code Red!

That dangerous code is ran in every browser of future visits to stage a full-on attack. Browsers, by design, trust these scripts to make for an enjoyable user experience. However, this is done by making authentication cookies (this goes for admin user cookies, too) vulnerable. According to Maulesh Patel, Future Hosting’s VP of Operations, “Many WordPress users have updated to the newest version, but we’re seeing a substantial number who have yet to upgrade and who are still vulnerable. We advise WordPress site owners to upgrade immediately and activate automatic upgrades on their WordPress site so that security issues of this sort can be mitigated immediately upon the release of a patch.

Don’t rely solely on WP’s automatic updates. They take care of just the smallest point releases, which likely won’t make your site vulnerable to hackers anyway. The major security repairs and preventions require some manual work. If a WP site gets compromised and isn’t addressed, they also become more vulnerable to other attacks and botnets. Having any site, including a WP one, requires regular updates and password changes.

Isn’t VPS Supposed to Be Safer?

As you might be wondering, if Future Hosting specializes in VPS and dedicated hosting, isn’t that supposed to be safer than basic shared plans? Yes, but these options are still not bulletproof. Plus, WordPress sites are some of the most popular and common in North America—you know that and so do hackers. Solely having a VPS site doesn’t make you immune to hack attacks, but it does mean your site is safer than if you went with a basic shared plan.

No matter what kind of hosting you have, it doesn’t take the place of regularly changing your password and opting for updates. It’s all part of being a solid online citizen and smart website owner. However, if you do still happen to have a basic shared plan, take the time to upgrade to VPS as well as schedule reminders for password changes.



Category : VPS Hosting


Leave A Reply

Optimization WordPress Plugins & Solutions by W3 EDGE