Year: 2017

WordPress Security Vulnerabilities

WordPress Security VulnerabilitiesWordPress Security VulnerabilitiesThere are over 1 billion websites on the internet today and 28 percent of them are powered by WordPress. That’s over 280,000,000 WordPress websites and counting. You may be asking yourself, “How fast is the WordPress market share increasing?”. A whopping 50,000 new WordPress websites are launching each day and over 22 billion pageviews a month are served by WordPress sites.

WordPress is by far the most popular content management system (CMS) in use today. When only looking at websites that are powered by a CMS platform, WordPress holds 60% of the market. Joomla is the second most used CMS with a meager 6.3%, followed by Drupal with 4.8%, Magento with 2.7%, and Blogger with 2.5%. It’s safe to say that WordPress is dominating the CMS market and is forecasted to remain the reigning champion.

What does this all mean?

With WordPress’s massive numbers, it’s a HUGE target for hackers. WordPress, just like any other software, needs to be updated. The number one thing anyone can do to safeguard their website is to keep the WordPress platform and plugins up to date. Sounds simple right? It is, but many people often neglect this process for one reason or another. An outdated WordPress site is extremely vulnerable.  

Why would anyone hack me?

Often, people have the mindset of “I don’t need to worry about hackers because I have a tiny website and why would anyone want to harm me?”. Most hackers are not usually singling out one specific website to compromise. They are casting a wide net and taking down as many websites as they can, in one fell swoop. Hackers don’t care how small a website is or how much traffic it receives, they will go after the largest target and focus their time and energy into the biggest payout. Once a vulnerability is discovered, the hackers go to work compromising, defacing, or completely deleting websites. If your WordPress site is out of date, then you need to take action to ensure your website is updated and secure.

Case and point

In February of this year, hackers found a content-injection vulnerability within the WordPress core files and thousands of websites were hacked before anyone knew there was a problem. WordPress quickly patched the vulnerability with version 4.7.2. Since updating the WordPress Core files is often neglected, many websites were left out of date. Hackers rushed to compromise the remaining websites that were without the security patch. Many outdated websites have been repeatedly hacked and defaced by mutable hackers. These websites will continue to be hacked over and over again until the sites are updated.  To date, over 1.5 million websites have been hacked due to this single content-injection vulnerability.

What can you do?

Only around 40% of WordPress sites are up to date, which means 60% of WordPress installations are vulnerable to hacker attacks. If you have a wordpress website, it is very likely that it’s out of date and at risk. You have two options to keep your site safe and un compromised. The first option is to log into your WordPress website and apply the updates yourself (and do it often). The second option is to hire a reputable company that will provide this service. For under $20 a month, you can find a company who will keep your website updated and protected and send you monthly reports on the work completed.

In addition to keeping your WordPress platform and plugins up to date, here are four additional steps you can take to further secure your website:

  1. Backup. Backup your WordPress site and database often by downloading the backup files and storing them offsite. A backup on your server is useless if a hacker wipes out the entire server space.

Pro tip: Install the WordPress plugin Duplicator. It’s a great free tool for backing up your website files and MySQL database.  Use Dropbox to store all of your backup files. Your backups will be safe and secure on their cloud servers. Also, your hard drive will thank you.

  1. Monitor your files: When a WordPress core file changes unexpectedly, you need to take action. This is a tell-tale sign that your site was compromised. Knowing when a file change happened is very hard to keep track of manually.

Pro tip: Wordfence is a great free plugin that will scan and alert you when a change happens. Many issues can be fixed within the plugin with a few clicks of your mouse.

  1. Implement a lockdown feature: Brute force attacks are a huge WordPress security vulnerability. When enabled, you will get notified whenever there is a brute force hacking attempt. The site will lock down and the hackers attempt will be terminated.

Pro tip: Use iThemes Security for brute force/lockdown to ban an attacker’s IP address after a certain number of failed login attempts. iThemes Security is also packed with many great features that will keep your website secure.

  1. Change your Login/Password. Avoid using the default WordPress login “admin”, hackers know this and use it to their advantage. Using an email address as the username is a superior option. When creating a password you obviously, don’t want to make it “password.” A strong password should contain 12 to 14 characters, including lowercase and uppercase alphabetic characters, numbers, and symbols. For example: “oi2#($.1-Dvmfk” is a very strong password. It would take an extremely long time for a hacker to crack that password using brute force methods.  

Pro tip: Use a third party password manager like LastPass to securely store and use your complex passwords. Never write down your password.

Recycling PerksRecycling Perks

Array Digital has been selected by Recycling Perks to provide Hosting & Continual Support on a recurring basis for recyclingperks.com. Continual Support ensures that Recycling Perks, a state of the art mobile responsive web application, remains well maintained, updated, optimized, and ensures business continuity.

Recycling Perks, a leader in increasing recycling participation and reducing landfill wastes. Recycling Perks supports eleven municipalities on the East Coast including Richmond, Atlanta, and Hollywood Florida, located between Fort Lauderdale and Miami. Through big data techniques, website members are automatically issued points each time their recycling bin is emptied. Points are redeemable for discounts with local retailers.

Members recycle and Recycling Perks rewards! https://recyclingperks.com

Learn more about Array Digital’s Continual Support Services.

Master Tool RepairMaster Tool Repair

Master Tool Repair Inc (MTR) sells tools and parts to contractors and tool owners across the country.  They represent and sell for over 35 national tool brands including DeWalt, Black & Decker, Kobalt, Porter Cable, Craftsman, and Husky. Various types of tools are sold including air compressor parts, generators, pressure washers, pneumatic nail guns, as well as hard to find replacement parts.

Manually managing this complex mix of inventory and changing prices from so many suppliers was a challenge. Requiring a solution for managing the complexity of their core business, MTR partnered with Array Digital to create an inventory information management system. Data is now standardized, organized, and migrated to their various production systems used to place and process orders across multiple sales channels. Array Digital has streamlined the process of receiving supplier parts and price lists through the implementation and support of a custom software solution.

Inventory Management for Global Tool Brands

Inventory Management for Global Tool Brands

“Erik Olson has been very helpful translating our data needs into systems that his developers have created and continue to develop to be able to manage close to 500,000 skus under many brands. Pricing comes in several different formats from each of our suppliers with different discounts which makes updating our inventory system a challenge. Erik and his team have created tools which make this process much simpler.”
– Gill Trotman, CEO of Master Digital Services

Learn more about Array Digital’s custom software development.

UnWINEd with Array Digital – The Recap

Array Digital is passionate about supporting community events. Last week we partnered with Old Dominion University’s Center for Enterprise Innovation. ODU provides integrated programs to advance businesses and organizations to become strong contributors to the economy. ODU initiatives contribute $2.6 billion annually to the economy.

Array Digital was selected to host unWINEd, an ODU Center of Enterprise Innovation event where some of the brightest minds met to discuss pressing business and cultural issues. On a warm summer night, business leaders gathered to enjoy food, wine, and exchange new ideas for leading their organizations through the current economical and political climate.

View a recap of the event below:

Why Your Website Needs a Continual Support PlanWhy Your Website Needs a Continual Support PlanYou’ve created a shiny new website and you’re proud of it. It’s the result of countless hours coming up with content, graphics, and finding ways to showcase all the great things your company has to offer. You’ve invested much of your time and money to make sure it’s just right, and finally your vision is on the web for the whole world to see.

Continue reading

How to Tell a Story Through Your Design

From daily conversations to entire Sundays spent in front of your new Netflix obsession, stories are a natural part of our lives. Stories are our way of communicating experiences through language, visuals and actions. Just like any good story, a well-crafted design must be compelling and have a sequence of events that flows naturally. As a designer, we’re told repeatedly that a successful design is the product of great storytelling, but it seems that everyone has a slightly different take on the idea… so here are three simple guidelines to ensure that your design tells a great story:

Continue reading

Assessing Requirements: The Real M.V.P.

In the world of software development, we help clients get from their current situation to their ideal situation. Clients bring a plethora of big ideas to the table without always truly understanding the cause of their pain point. We figure out what is causing the symptoms instead of throwing a bandage over the open wound to make it easier to look at. The easiest way to get to the root of the issues is to determine a Minimal Viable Product (M.V.P.). A Minimal Viable Product is a product that purely addresses the issues and saves future features until users get a chance to use the product and provide feedback.

Continue reading

Array Digital launches WP Critical Care

WP Critical CareWP Critical Care

We are pleased to introduce our newest product, WP Critical Care!

Having created and maintained over 500 websites, Array Digital has seen first hand the effects of a WordPress site that is not maintained.

Websites, just like any other software, become vulnerable to hacking when neglected. Hacking commonly results in unauthorized and embarrassing changes to your content, or worse, complete outages. Almost all of the hacking incidents we’ve helped with were due to neglect such as not updating plugins, not backing up files and the database, and not running security scans.

To directly address these pain points, we are pleased to announce the launch of WP Critical Care, owned and operated by Array Digital. WP Critical Care secures your WordPress website so you won’t get hacked!

For only $19 a month, WP Critical Care includes:

  • WordPress Updates
  • WordPress Database Optimization
  • WordPress Uptime Monitoring
  • WordPress Security Scans
  • WordPress Backups
  • WordPress Spam Control
  • WordPress Site Speed Tracking
  • WordPress Weekly Reports

You’re at risk if you can’t answer YES to each of these questions:

  • Are you running the latest version of WordPress?
  • Do you know how many plugins your website uses?
  • Is each of your plugins using the latest version?
  • Do you backup your website daily?
  • Are your backups stored offsite and in the cloud?
  • Do you actively scan for malware and blacklisting?
  • Are you monitoring your websites uptime and downtime?
  • Are you monitoring how fast your website loads?

Get Protected Now

UnWINEd with Array Digital

Array Digital is pleased to host UnWINEd. Our new office in Chesapeake is near Battlefield Blvd and I64. It’s fresh, modern, and houses our 13 employees. Enjoy your drink and hor d’oeuvres indoors in the AC or outside at our picnic tables and umbrellas.

Register Today

A Site That Rocs – Roc Solid Foundation

A Site That Rocs - Roc Solid FoundationA Site That Rocs - Roc Solid Foundation

Roc Solid Foundation is dedicated to building hope for families facing pediatric cancer. The organization is best known for its Play It Forward initiative, which constructs playsets for kids ages 1 – 8 and completes room makeovers for kids ages 8 – 18. Roc Solid is fast-growing and committed to making a difference for these children and families throughout the United States.

The work Roc Solid Foundation does relies heavily on the generosity of its volunteers and sponsors. They understand the importance of an online presence that is optimized for these audiences, which is why they have employed Array Digital to modernize their website. Along with refreshing the content and color, Array Digital will optimize the user experience by streamlining the layout, making it easy for users to volunteer and donate. Stay tuned to http://rocsolidfoundation.org/ to view the redesigned website. Click HERE for a website of your own.

Get Started Now

Give Us A Call: (888) 338-8252

Hire Us!

Join Our Newsletter

About once a month we'll send information about trends in the digital products industry and other tidbits on what you need to know to keep up to date with software, websites, and digital marketing. Nothing spammy. Unsubscribe at any time.

OUR SERVICES

Please provide us with a little information before downloading our brochure.
Hire Us
 

Get Started

© 2017 Array Digital, LLC