WordPress is used by many website developers to create and maintain company websites. In late May, WordPress was attacked by hackers trying to steal account credentials from roughly 1/3 of their customers (1 million websites). Such credentials provide access to those hosted websites and related development environments and tools.
A related article states “Due to the sheer volume and variety of attacks and sites…it is possible that your site may be exposed to these attacks…”
If your company website is hosted on WordPress, here are several recommendations to ensure your site’s safety. If these steps are improperly done, your website could temporarily stop. Therefore it is best to contact your website host or developer and request they perform these tasks:
- Look for log entries with “wp-config.php” that returned “200” response code
- Look for the the following IP addresses where attacks originated from:
- 200.25.60.53
- 51.255.79.47
- 194.60.254.42
- 31.131.251.113
- 194.58.123.231
- 107.170.19.251
- 188.165.195.184
- 151.80.22.75
- 192.254.68.134
- 93.190.140.8
- Change your database password, unique authentication keys, and salts
- Update the file “wp-config.php” with the password change
- Review the need for remote database access, and disable if not necessary
For a confidential discussion of your situation, feel free to contact us.
