Tag Archives: WordPress

Loading
loading..
attacking bear

Websites Under Attack – Got you covered

April 12, 2017
Web Admin
, , , ,
No Comments

I wanted to take a quick minute and tell you about our night on the web last night.  As web security experts with a long history of protecting, building, and creating wordpress websites, we have seen a quite a bit, but last night was special.  A couple of the sites that we managed and protect came under a sustained attack for a couple of hours.  These attacks had our phones blowing up with alert notifications every couple of minutes for hours.  We are used to it, and really don’t mind that much.  That is because we have over the years, become quite good at protecting our sites, and trust in our partnerships and the system that we have in place.

The graph below show you the number of attacks from last night.

attack capture

24 Hour Attack

We would love to tell you that it was the Russians, and indeed that has been the case in the past.  This time however, the attacker was from an IP adddress in the United States.   The main site causing all the noise last night was from a US based IP address of :

162.211.152.3United StatesUnited States2,157

Our security systems allow us to block most of the traffic geographically.  So, if you don’t have customer in the United states why expose your site to the rest of the world.  That is one theory anyhow, and you have to make a decision for your company, your security policy, affects on search engines finding you, etc.  In this clients situation the only country that is open is the United States.  However, country blocking wasn’t enough in this past attack.

You have to realize that in today’s world, the IP address in the U.S., might be compromised and actually be a device controlled by rogue hackers from another country.   It is critical that you have a rock solid firewall implementation that is dynamically based on live intrusion attempts across the world.  That you also protect yourself and ensure that your website is up to date constantly, and have some ability to recover if you find your site compromised and are monitoring alerts as things are happening.  Remember, the internet doesn’t sleep.

Our system can help you sleep at night and ensure your sites are always available.  Contact us for a free consultation.  Heck, we will even update your site for  you free of charge.

CD

 

under attack image

WordPress – Covered Data repel attacks

January 17, 2017
Web Admin
, ,
No Comments

Covered Data recently came under attack from sources across the internet and we wanted to share our experience.

The concentrated and focused attacked started on January 11th 2017 at 9:21:46 pm local time. The attack and search for vulnerabilities continued for just about 2 hours, ending shortly after 11:07:33 pm local.

Covered Data partners with the best web application firewall (WAF) known in the industry and our partner software is currently protecting millions of WordPress websites world wide.

To help address the wider concerns about internet attacks we are offering a free update service and vulnerability assessment to anyone.  We will update your site for free and provide recommendations for any further issues we might find that need to be addressed.  For those not based on WordPress, we will address your vulnerabilities and provide assistance in updating your software and make recommendation that should help you repel future attacks.  For those based on a WordPress infrastructure, we will update core files and plugins and share solutions that have protected our sites.

Are you protected?

We have included screen shots of the alerts we received during our attack.  We do this to collaborate and share our experience.  Our ultimate goal is protecting as many sites as we can.  If your organization is using a WordPress, contact us about this free service. This free update service will go a long way to your site being protected and you being able to sleep again.

Contact us.  We will help.

Sincerely,

Scott A. Barbour, CEO

The below information is a snapshot of a much longer attempt by the attackers to penetrate our sites.

We successfully repelled 100% of the attacks thanks.

attack 1 attack 2 attack 4 attack 5 attack 6 attack 7

 

 

cd alert picture

Username Harvesting WP 4.7

December 12, 2016
Web Admin
, , ,
No Comments

We received a security alert this morning from our Web Application Firewall provider that addresses a vulnerability in WordPress that if exploited about will reveal the username and admin usernames on the system.

SUMMARY:

With the release of WordPress 4.7 a vulnerability now exists that all users should take immediate action to remediate.  While the update to 4.7 is a good thing and fixes several existing security issue, it also adds the REST API functionality to WordPress.  Again, this is a good thing, but does create a hackers ability to do the following:

http://example.com/wp-json/wp/v2/users

This will list all users that have published a post. It includes that user’s userid, username, gravatar hash and website URL.  This functionality either needs to be turned off completely or it is our recommendation, configure the firewall to prevent anonymous access and maintain the desired functionality of a the REST API.  Obviously this isn’t information that you want a hacker to have access to as it is half the battle with gaining unauthorized access.

REMEDIAL ACTIONS:

Our security team is recommending that all users upgraded to 4.7 and have our premium version of our WAF installed and configured immediately.  This will prevent hackers from using this functionality and gaining unauthorized access to your systems.

TO BE CLEAR:  All WordPress websites that are updated to the current version are vulnerable to this attack unless steps are taken.  Please contact us for a solution that will protect your site and increase your overall security profile.

Scott Barbour – Covered Data Founder/CEO

Layout mode
Predefined Skins
Patterns Background
Images Background