WordPress 4.7.2 was released on January 26th and if you’re running your website with this popular CMS, we recommend that you check for updates ASAP.
To do this, login to your admin panel and select Updates
You will see the version of WordPress you are running and the option to update (if you haven’t already done so).
We also recommend enabling automatic updates on your website.
Earlier in January, our partner Sucuri reported a security issue to the WordPress team – a severe content injection (privilege escalation) vulnerability affecting the REST API. This vulnerability allows an unauthenticated user to modify the content of any post or page within a WordPress site.
They worked closely with the team at WordPress and version 4.7.2 and the updates includes protection against this threat.
If your version of WordPress is up to date, you are protected, however we recommend an extra layer of protection – we use it on all of our sites also.
For just $15 per month, your site will be protected from:
- Zero-Day Exploits
- Cross Site Scripting (XSS)
- Remote File Inclusion (RFI)
- Local File Inclusion (LFI)
- SQL Injection Attacks
- Cross Site Request Forgery (CSRF)
- Login Form Bypassing
- Out-Of-Date Software
- Insecure Plugins
- Vulnerable Themes
- Bad GET or POST Methods
- Insecure Direct Object Reference
- Bash Bug / Shellshock
- Malicious HTTP Requests
- Remote Code Execution
- Malformed Cookie Requests
Sucuri WAF works with any CMS or custom website. Learn how Sucuri protected our WordPress hosted site from 12,000+ attacks in just 6 months.
How Does it Work?
Simply change your DNS A records to point to the CloudProxy firewall IP addresses. As a result, all of your site’s traffic will be redirected to CloudProxy where they will filter malicious traffic, blocking it from reaching your site.
As a bonus, you also benefit from better performance and speed, due to their caching optimization.
To protect your website and activate Sucuri Website Firewall protection for only $15 per month, get in touch with us and we will have you set up within 24 hours.