Month: August 2017

WordPress Security Vulnerabilities

WordPress Security VulnerabilitiesWordPress Security VulnerabilitiesThere are over 1 billion websites on the internet today and 28 percent of them are powered by WordPress. That’s over 280,000,000 WordPress websites and counting. You may be asking yourself, “How fast is the WordPress market share increasing?”. A whopping 50,000 new WordPress websites are launching each day and over 22 billion pageviews a month are served by WordPress sites.

WordPress is by far the most popular content management system (CMS) in use today. When only looking at websites that are powered by a CMS platform, WordPress holds 60% of the market. Joomla is the second most used CMS with a meager 6.3%, followed by Drupal with 4.8%, Magento with 2.7%, and Blogger with 2.5%. It’s safe to say that WordPress is dominating the CMS market and is forecasted to remain the reigning champion.

What does this all mean?

With WordPress’s massive numbers, it’s a HUGE target for hackers. WordPress, just like any other software, needs to be updated. The number one thing anyone can do to safeguard their website is to keep the WordPress platform and plugins up to date. Sounds simple right? It is, but many people often neglect this process for one reason or another. An outdated WordPress site is extremely vulnerable.  

Why would anyone hack me?

Often, people have the mindset of “I don’t need to worry about hackers because I have a tiny website and why would anyone want to harm me?”. Most hackers are not usually singling out one specific website to compromise. They are casting a wide net and taking down as many websites as they can, in one fell swoop. Hackers don’t care how small a website is or how much traffic it receives, they will go after the largest target and focus their time and energy into the biggest payout. Once a vulnerability is discovered, the hackers go to work compromising, defacing, or completely deleting websites. If your WordPress site is out of date, then you need to take action to ensure your website is updated and secure.

Case and point

In February of this year, hackers found a content-injection vulnerability within the WordPress core files and thousands of websites were hacked before anyone knew there was a problem. WordPress quickly patched the vulnerability with version 4.7.2. Since updating the WordPress Core files is often neglected, many websites were left out of date. Hackers rushed to compromise the remaining websites that were without the security patch. Many outdated websites have been repeatedly hacked and defaced by mutable hackers. These websites will continue to be hacked over and over again until the sites are updated.  To date, over 1.5 million websites have been hacked due to this single content-injection vulnerability.

What can you do?

Only around 40% of WordPress sites are up to date, which means 60% of WordPress installations are vulnerable to hacker attacks. If you have a wordpress website, it is very likely that it’s out of date and at risk. You have two options to keep your site safe and un compromised. The first option is to log into your WordPress website and apply the updates yourself (and do it often). The second option is to hire a reputable company that will provide this service. For under $20 a month, you can find a company who will keep your website updated and protected and send you monthly reports on the work completed.

In addition to keeping your WordPress platform and plugins up to date, here are four additional steps you can take to further secure your website:

  1. Backup. Backup your WordPress site and database often by downloading the backup files and storing them offsite. A backup on your server is useless if a hacker wipes out the entire server space.

Pro tip: Install the WordPress plugin Duplicator. It’s a great free tool for backing up your website files and MySQL database.  Use Dropbox to store all of your backup files. Your backups will be safe and secure on their cloud servers. Also, your hard drive will thank you.

  1. Monitor your files: When a WordPress core file changes unexpectedly, you need to take action. This is a tell-tale sign that your site was compromised. Knowing when a file change happened is very hard to keep track of manually.

Pro tip: Wordfence is a great free plugin that will scan and alert you when a change happens. Many issues can be fixed within the plugin with a few clicks of your mouse.

  1. Implement a lockdown feature: Brute force attacks are a huge WordPress security vulnerability. When enabled, you will get notified whenever there is a brute force hacking attempt. The site will lock down and the hackers attempt will be terminated.

Pro tip: Use iThemes Security for brute force/lockdown to ban an attacker’s IP address after a certain number of failed login attempts. iThemes Security is also packed with many great features that will keep your website secure.

  1. Change your Login/Password. Avoid using the default WordPress login “admin”, hackers know this and use it to their advantage. Using an email address as the username is a superior option. When creating a password you obviously, don’t want to make it “password.” A strong password should contain 12 to 14 characters, including lowercase and uppercase alphabetic characters, numbers, and symbols. For example: “oi2#($.1-Dvmfk” is a very strong password. It would take an extremely long time for a hacker to crack that password using brute force methods.  

Pro tip: Use a third party password manager like LastPass to securely store and use your complex passwords. Never write down your password.

Recycling PerksRecycling Perks

Array Digital has been selected by Recycling Perks to provide Hosting & Continual Support on a recurring basis for Continual Support ensures that Recycling Perks, a state of the art mobile responsive web application, remains well maintained, updated, optimized, and ensures business continuity.

Recycling Perks, a leader in increasing recycling participation and reducing landfill wastes. Recycling Perks supports eleven municipalities on the East Coast including Richmond, Atlanta, and Hollywood Florida, located between Fort Lauderdale and Miami. Through big data techniques, website members are automatically issued points each time their recycling bin is emptied. Points are redeemable for discounts with local retailers.

Members recycle and Recycling Perks rewards!

Learn more about Array Digital’s Continual Support Services.

Master Tool RepairMaster Tool Repair

Master Tool Repair Inc (MTR) sells tools and parts to contractors and tool owners across the country.  They represent and sell for over 35 national tool brands including DeWalt, Black & Decker, Kobalt, Porter Cable, Craftsman, and Husky. Various types of tools are sold including air compressor parts, generators, pressure washers, pneumatic nail guns, as well as hard to find replacement parts.

Manually managing this complex mix of inventory and changing prices from so many suppliers was a challenge. Requiring a solution for managing the complexity of their core business, MTR partnered with Array Digital to create an inventory information management system. Data is now standardized, organized, and migrated to their various production systems used to place and process orders across multiple sales channels. Array Digital has streamlined the process of receiving supplier parts and price lists through the implementation and support of a custom software solution.

Inventory Management for Global Tool Brands

Inventory Management for Global Tool Brands

“Erik Olson has been very helpful translating our data needs into systems that his developers have created and continue to develop to be able to manage close to 500,000 skus under many brands. Pricing comes in several different formats from each of our suppliers with different discounts which makes updating our inventory system a challenge. Erik and his team have created tools which make this process much simpler.”
– Gill Trotman, CEO of Master Digital Services

Learn more about Array Digital’s custom software development.

UnWINEd with Array Digital – The Recap

Array Digital is passionate about supporting community events. Last week we partnered with Old Dominion University’s Center for Enterprise Innovation. ODU provides integrated programs to advance businesses and organizations to become strong contributors to the economy. ODU initiatives contribute $2.6 billion annually to the economy.

Array Digital was selected to host unWINEd, an ODU Center of Enterprise Innovation event where some of the brightest minds met to discuss pressing business and cultural issues. On a warm summer night, business leaders gathered to enjoy food, wine, and exchange new ideas for leading their organizations through the current economical and political climate.

View a recap of the event below:

Get Started Now

Give Us A Call: (888) 338-8252

Hire Us!

Join Our Newsletter

About once a month we'll send information about trends in the digital products industry and other tidbits on what you need to know to keep up to date with software, websites, and digital marketing. Nothing spammy. Unsubscribe at any time.


Please provide us with a little information before downloading our brochure.
Hire Us

Get Started

© 2017 Array Digital, LLC