Managed VPS hosting provider Future hosting, warned its WordPress hosting web customers beware of plugins and themes downloaded from unverified sources. Many of these plugins and themes are infected with malware which was also reported by WordPress security researchers at Sucuri. By installing plugins and themes compromise, WordPress website owners expose their users to serious security risks.
malware is a particular problem for the so-called premium nulled themes. Criminals take legitimate premium themes that developers charge, insert the code malware in them, and release them free versions. Tempted by the lower cost, WordPress Web hosting customers often would install these themes, opening their WordPress website to the attacker and any software, he or she may want to install.
"We provide accommodation for thousands of WordPress sites," said Maulesh Patel, vice president of operations of Future Hosting . " The application WordPress itself is quite safe, especially when it is hosted on a secure platform. Most WordPress security issues we see are caused by poor management of the CMS, including actions such as installing themes from untrusted sources. We strongly recommend that users download themes from official repositories or reputable developers. "
Inject malicious code in a website is the goal of most attacks against WordPress. Usually this is difficult to do because the attacker must find a way to break server security management system or content (CMS). If users install nulled themes, they do the work of the attacker for them.
plugins and themes should be downloaded from the WordPress Plugin Repository official or Repository theme . premium themes are available from many sources, but WordPress users should ensure download from a reputable market, or from the theme or plugin developer sites.
Founded in 01 and headquartered in Southfield, Michigan, Future hosting is a private Internet solutions provider specializing in managed hosting, including dedicated servers, virtual private servers (VPS) and hybrid virtual private servers.
0 Komentar