It seems that every month there’s a report of a new security breach. We’re not talking small websites here. We’ve seen some huge companies breached and millions of users’ details leaked.
The fact is that if you’re online, you’re vulnerable. For most people, the risk comes from phishing and social media hacks. Even the more security-savvy user can get caught out.
People generally don’t worry much about their security online. They use weak passwords and reuse them between services.
The scary part is that many of them know it’s risky. The inconvenience of remembering complex passwords, for many, outweighs the risk.
Nowhere is security more important than on your website.
In 2014 the FBI estimated that there were 18 botnet attacks per second. [source]
That’s not so bad, you say. That’s 1.5 million a day.
What, pray tell, is a bot or botnet? In very simple terms, they’re computers that have been infiltrated, usually secretly. They are then used to try and break into other computers. There, they might do anything from displaying ads on a site to something more sinister like stealing information, such as credentials, passwords and financial details. They can take an entire site down and hold it to ransom until you pay a large amount of money. They can also cause performance issues on your site, and that’s bad for your visitors and your search engine rank.
Since most botnet infections are undetected, the reality is that the internet is now mostly bots.
Here at LiveFuse Web Studio, we’re paranoid. Every site we build gets locked down. While there is no way to stop bots or hackers from trying to break into your site, we make it as tough as possible. We hide the URL for the back-end, use strong passwords and two-factor authentication, and let the security plugin lock everything else down.
Recently, on this site, we set up auto-posting. We wanted these posts to automatically share to social media. Ordinarily you need to create an app in Facebook to handle that. It’s a pain and takes ages to be approved. So we used Jetpack, because it doesn’t need any apps. The problem there is that it needs XML-RPC to do it. This was how WordPress used to handle communication across platforms. There is a much better method now, but some things, like this, still need it.
None of this is Jetpack’s fault. It’s simply that XML-RPC is an easy path for botnets.
When we secure a site, we also set up email notifications when something tries to log in. After a few attempts they get permanently blacklisted. We’d had the plugin set up for a couple of weeks with no problems. Until yesterday, when we started seeing a lot of lockouts, from all over the world. There were around 200 in 24 hours.
We’re locked down, so we don’t panic. But if we’re seeing a sudden sharp increase, we need to know why.
A quick look in the logs showed us that they were all using XML-RPC. So we simply blocked it, and now there are no more attempts. Even though we had secured the site and there was really not much risk of anything getting through, that many login attempts could affect site performance.
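As an added illustration (not code from the LiveFuse post or from any plugin), here is how that "quick look in the logs" can be automated: it reads Apache combined-format access log lines, counts POST requests to xmlrpc.php and wp-login.php per source IP, reports what share of login traffic went via XML-RPC, and lists the sources that passed a lockout threshold. The log lines and the threshold of 3 are constructed assumptions for the demonstration.

```python
import re
from collections import Counter

# Constructed sample of Apache "combined" access-log lines (not real traffic):
# two sources hammering xmlrpc.php, plus one ordinary visitor.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Mar/2018:09:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.10 - - [12/Mar/2018:09:01:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.10 - - [12/Mar/2018:09:01:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2018:09:02:11 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "curl/7.58"
198.51.100.7 - - [12/Mar/2018:09:02:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "curl/7.58"
192.0.2.44 - - [12/Mar/2018:09:03:00 +0000] "GET /blog/some-post/ HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2018:09:03:01 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Fields we need from a combined-format line: client IP, timestamp, method, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

WATCHED = ("/xmlrpc.php", "/wp-login.php")  # the two WordPress login surfaces


def parse(lines):
    """Yield a dict per parseable log line; silently skip lines that don't match."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()


def login_attempts_by_endpoint(log_text):
    """Return {endpoint: Counter({ip: attempts})} for POSTs to the watched endpoints."""
    result = {ep: Counter() for ep in WATCHED}
    for rec in parse(log_text.splitlines()):
        path = rec["path"].split("?")[0]          # drop any query string
        if rec["method"] == "POST" and path in result:
            result[path][rec["ip"]] += 1
    return result


def xmlrpc_share(counts):
    """Fraction of all login attempts that came in through XML-RPC (0.0 if none)."""
    total = sum(sum(c.values()) for c in counts.values())
    return sum(counts["/xmlrpc.php"].values()) / total if total else 0.0


def sources_to_block(counts, threshold=3):
    """Sorted IPs that reached the (assumed) lockout threshold on any watched endpoint."""
    return sorted({ip for c in counts.values() for ip, n in c.items() if n >= threshold})


if __name__ == "__main__":
    counts = login_attempts_by_endpoint(SAMPLE_LOG)
    print(f"{xmlrpc_share(counts):.0%} of login attempts used XML-RPC")
    print("lock out:", sources_to_block(counts))
```

Run against a real access log, a share near 100% with many distinct sources is the same pattern the post describes, and the blocking decision for xmlrpc.php can be made from the numbers rather than the notification emails.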
When you choose LiveFuse to build your site, you can be confident that we’ve made sure it’s secure, and in the unlikely event that something does happen, we can get you sorted quickly.