If you're using any software/scripts (Wordpress, Joomla etc) on your web hosting account it's extremely important to keep the software/script and all plugins/themes up to date.

The most common reason for web hosting accounts getting hacked is by running outdated software. For example when Wordpress release a new version it doesn't only contain new features but also security "patches" which protect your website from known exploits (files/code that allow hackers to gain access to your account)

It's a misconception that the server has to be insecure for an account to be compromised. Any account running an outdated script, plugin, or theme can easily be exploited and then used for purposes not intended by the webmaster such as sending SPAM emails or outbound DoS attacks.

It's also worth mentioning that you should regularly make backups of your files/database to ensure that if anything does happen you'll always be able to have your account restored.

Note that this announcement is not specific to anything that's happened recently or today but instead a unfortunate pattern of accounts that are compromised from this problem. By keeping your scripts up to date you will significantly reduce the risk of this problem.

Monday, December 19, 2011

« Back