With popularity comes risk. Incredible WordPress security statistics to pay attention to…
With WordPress making up 28.6% of all websites online, one would assume that there are a large number of hackers looking for vulnerabilities in millions of WordPress sites. That is indeed the case.
Hackers are targeting WordPress websites of all sizes for a wide range of reasons. They all involve have a profit motive. As that profit motive increases, you can expect that the number and types of attacks will only increase.
As a website owner, it is your responsibility to set up measures to protect your WordPress website. You should also have a plan in place for what to do when your site is hacked. Despite your best efforts, the reality is that it is not a matter of if your WordPress website will be hacked but more a matter of when.
12 mind-blowing WordPress security statistics.
With that said, here are thirteen mind-blowing WordPress security statistics that illustrate the magnitude of the problem:
- Only 39% of WordPress websites are running the most current version of WordPress (Version 4.8). – WordPress
- Google blacklists around 20,000 websites for malware and around 50,000 for phishing every week. – WPBeginner
- 18 million WordPress users were compromised during the worst breach of WordPress security. – Skilled
- 52% of reported WordPress vulnerabilities were related to plugins. – KeyCDN
- 73% of the 40,000 most popular websites that use WordPress are vulnerable to attack. – WPWhiteSecurity
- Around 4,000 WordPress websites have been infected with a form of malware that disguises itself as a search engine optimization plugin to attract unaware web masters. – SC Magazine
- 8% of WordPress security breaches are as a result of use of a weak password. – WP Smackdown
- File inclusion exploits are one of the most common ways an attacker can gain access to your WordPress website’s wp-config file. This is one of the most important files in your installation. – OWasp
- Brute force attacks refer to the trial and error method of entering multiple username and password combinations over and over until the correct login information is found. – iThemes
- 84% of all security vulnerabilities online are the result of cross-site scripting or XSS attacks. 39% of WordPress vulnerabilities are cross-site scripting attacks. Cross-site scripting refers to a client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or web application. – Acunetix
- SQL injections occur when an attacker gains access to your WordPress database and to all your data. – AHSay
- The four most common WordPress malware infections are Backdoors, Drive-by downloads, Pharma hacks and malicious redirects. – Smashing Magazine
Three steps you can take to secure your WordPress website
Now that we have established that there are some very real security risks that come from using WordPress, there are steps you can take to secure your website. Implementing these three simple steps will go a long way towards protecting your digital assets that is your website.
The steps you can take today include:
- Use a unique password that includes a combination of letters, numbers and symbols. It should also be unique in that it the same password is not being used with any other of your accounts elsewhere online. Many people will use the same password across multiple sites and platforms. There are random password generators available online if you would like some help creating a password for your WordPress website.
- Keep the software making up your WordPress websites up to date. This includes the theme, core WordPress and plugin files updated.
- Take regular backups of your WordPress website. It is not so much if your WordPress website will be hacked but more a matter of when. Having clean copies of your WordPress website to fall back on when your site is hacked is a great way to everything forward quickly after your site has been hacked.
If you would rather not deal with WordPress security yourself, we offer WordPress Management Services that involve implementing security best practices and ongoing monitoring.
In the meantime, I hope that the list of 12 mind-blowing WordPress security statistics prompts you take action to protect your WordPress website. Check back frequently as I regularly write posts about WordPress website security.
We can help you secure your WordPress website with WordPress maintenance services. We also offer:
Content Marketing for Local Business
Digital Marketing for Local Business
Sales Funnels for Local Business
Nice post. I learn something new and challenging on sites I stumbleupon on a daily basis. Its always helpful to read through articles from other writers and use something from their web sites.