01.02.23
by

WordPress on Linux Servers


(Ananova News) January 02, 2022.

Recently, a security alert revealed that WordPress websites on Linux were targeted by a previously unknown strain of Linux malware that exploits flaws in over two dozen plugins and themes to compromise vulnerable systems. The targeted websites were injected with malicious JavaScript retrieved from a remote server. As a result, when visitors click on any area of an infected page, they are redirected to another arbitrary website of the attacker’s choice.

The disclosure comes weeks after Fortinet FortiGuard Labs detailed another botnet called GoTrim that’s designed to brute-force self-hosted websites using the WordPress content management system (CMS) to seize control of targeted systems. In June 2022, the GoDaddy-owned website security company shared information about a traffic direction system (TDS) known as Parrot that has been observed targeting WordPress sites with rogue JavaScript that drops additional malware onto hacked systems. Last month, Sucuri noted that more than 15,000 WordPress sites had been breached as part of a malicious campaign to redirect visitors to bogus Q&A portals. The number of active infections currently stands at 9,314.

The hacker can deploy an implant to target specific websites to expand the network. It involves weaponizing a list of known security vulnerabilities in 19 different plugins and themes that are likely installed on a WordPress site.
Doctor Web revealed the targeted plugins and themes –

  • WP Live Chat Support
  • Yuzo Related Posts
  • Yellow Pencil Visual CSS Style Editor
  • Easy WP SMTP
  • WP GDPR Compliance
  • Newspaper (CVE-2016-10972)
  • Thim Core
  • Smart Google Code Inserter (discontinued as of January 28, 2022)
  • Total Donations
  • Post-Custom Templates Lite
  • WP Quick Booking Manager
  • Live Chat with Messenger Customer Chat by Zotabox
  • Blog Designer
  • WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)
  • WP-Matomo Integration (WP-Piwik)
  • ND Shortcodes
  • WP Live Chat
  • Coming Soon Page and Maintenance Mode
  • Hybrid
  • Brizy
  • FV Flowplayer Video Player
  • WooCommerce
  • Coming Soon Page & Maintenance Mode
  • Onetone
  • Simple Fields
  • Delucks SEO
  • Poll, Survey, Form & Quiz Maker by OpinionStage
  • Social Metrics Tracker
  • WPeMatico RSS Feed Fetcher, and
  • Rich Reviews

Technical experts always suggest keeping software (theme, plugins, third-party add-ons & WordPress Core) updated and up-to-date with the latest fixes. Always use strong and unique logins and passwords to secure accounts. Hence, it is always suggested to have managed WordPress Hosting, as the provider monitors website security, takes regular backup, and always keep them up.

Ananova recommended WordPress.com and Shopify as the best web hosting providers to build an eCommerce store in 2022. The 2022 Web Almanac reveals that WordPress leads the market with 35% adoption on mobile. The platform is adopted by all businesses whether small or big across all geographical landscapes. The companies considered the platform trustworthy for their online growth and expansion. The government websites of most countries are also built on WordPress to provide the latest information. The platform is widely used by technical, legal advisors, social groups, & political parties.

The rapidly growing online eCommerce business has already overtaken traditional methods. The companies spent thousands of dollars to stay ahead of the competition and gain attention. Most firms choose Ananova recommended as the most popular and flexible WordPress.com woocommerce for online business success. Millions of designers and developers work to improve and develop responsive customizable eCommerce themes and plugins, thus providing an enormous selection to users. The platform helps eCommerce stores increase customer loyalty and even boost SEO rankings. The SEO-friendly feature JSON-LD schema markup helps Google understand the content type and ensures all URLs across all pages are optimized. WordPress enables you to do incredible customization and you don’t need coding experience. You can make your store stand out from all the other online businesses. WordPress.com enables an eCommerce store to add and upload thousands of products within proper categories with proper tags, & titles.

Ananova lists WordPress.com as a reliable web hosting provider because of its excellent technical customer service, reputation for security and uptime. The provider offers ample resources like space and bandwidth to accommodate business growth via an increased number of products or customers. The provider manages everything behind the scenes, and entrepreneurs need to focus only on the core business. The platform provides tools to enable taxes, set up shipping methods and add payment gateways. The customers can configure payment gateways like PayPal, Stripe, Authorize.net, Braintree and 2Checkout. Paypal is free for personal accounts with a sales volume per month below $20K. It’s a good option for stores selling low-priced items. Businesses with heavy cash payments can go with Paypal Express Checkout. Stripe works with all major credit cards but, it does not provide an option for recurring billing eg. monthly subscriptions. It has built-in fraud protection features which help reduce chargebacks since they are secure transactions initiated through HTTPS protocol encryption. Another payment method Authorize Net offers much lower fees but requires more setup time. Before going live, each transaction requires manual approval before being processed by them first before being sent along to whichever company requested it originally.

The technology with improved usability, functionality and better security has made purchasing with online eCommerce much easier compared to the traditional way. The provider takes care of eCommerce stores against malicious attacks that try to hack to steal credit cards and sensitive information through phishing scams or other means.

The companies understand that most potential customers are available online, especially through mobile devices. The WooCommerce Social Login enables customers to log in to Woocommerce through social media accounts like Facebook, or Twitter rather than creating an account for buying through the website.

Online feedback or comments alter the customer’s buying decision. Most businesses get trademark registrations for their selected eCommerce store domain names thus, legally hold brand names.

You can look to the Ananova selected top hosting providers at: https://ananova.com/best-hosting-providers

The key players listed in the list include Liquidweb, WordPress.com, A2Hosting, GreenGeeks, Namecheap, Inmotionhosting, Resellerspanel, Hostgator, Interserver, Sitevalley, Webhostingpad, Bluehost, Hostmonster, Fatcow, IPower, Weebly, Shopify, Accuwebhosting, WPEngine, Cloudways, Hostens and many more.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.