Why Is Wordpress Easy To Hack

Discussion in 'Wordpress' started by CarpCharacin, Oct 26, 2016.

  1. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    Last edited by a moderator: Oct 26, 2016
  2. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
    And it's really easy to hack it if not kept up to date.. that's why I am obsessive about keeping it updated - it's the one that I do religiously - checking it every day or so for updates to it and the plugins.
     
  3. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    So many people use wordpress. What makes it easy to hack?
     
  4. Danielx64

    Danielx64 Developer

    3,241
    527
    +1,342
    Put it this way: attackers are going to target scripts that has the most users - what's the point in trying to break something that one one or 2 people use?

    Just like how Windows have security issues. Yes macs and Linux has issues but not as many people use then so they are less of a target (for now but that can change).
     
    • Agree Agree x 2
    • Informative! Informative! x 1
    • List
  5. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
    As Danielx64Danielx64 states, WordPress has a wider target based to hit, and WAY to many of the idiots running blogs on it don't keep it updated - much less disable the WP-Pingback feature that is so frequently used to perform DDOS attacks.
     
    • Agree Agree x 2
    • Like Like x 1
    • List
  6. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    What is the WP pingback feature?
     
  7. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
  8. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    Why should it be disabled?
     
  9. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
  10. Danielx64

    Danielx64 Developer

    3,241
    527
    +1,342
  11. ozzy47

    ozzy47 Moderator

    8,718
    742
    +4,076
    Because:
     
  12. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    I don't perform DDOS attacks.
     
  13. GTB

    GTB Tazmanian

    4,058
    862
    +999
    Pingbacks always made is easy for other people to spam your site anyway, I always disabled it with WP
     
  14. ozzy47

    ozzy47 Moderator

    8,718
    742
    +4,076
    No but script kiddies do.
     
  15. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    What is a script kiddie?
     
  16. ozzy47

    ozzy47 Moderator

    8,718
    742
    +4,076
    A wanna be hacker.
     
  17. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
    http://www.giyf.com/
    And don't worry.. you aren't the only one I've linked to that site in my time on this earth. ;)
     
    • Funny Funny x 1
    • Pure Genius! Pure Genius! x 1
    • List
  18. CarpCharacin

    CarpCharacin Habitué

    1,244
    80
    +121
    Does it need to be disabled if comments are disabled?
     
  19. Tracy Perry

    Tracy Perry Opinionated ass-hat

    4,058
    337
    +2,735
    It honestly should be disabled unless you have a specific use for it. If it was up to me, it would be totally stripped if they can't get it so that it can't be abused. One site that I was assisting with had over 100 connections each doing pingbacks from several remote IP's.
     
  20. GTB

    GTB Tazmanian

    4,058
    862
    +999
    I feel same way, Pingbacks and Trackbacks always got disabled on my WP site. Too easy to be taken of advantage off by other sites trying to get traffic, or comments - nothing good comes out enabling either of them.
     
Verification:
Draft saved Draft deleted