WordPress on Linux Servers

(Ananova News) January 02, 2022.

Recently, a security alert revealed that WordPress websites on Linux were targeted by a previously unknown strain of Linux malware that exploits flaws in over two dozen plugins and themes to compromise vulnerable systems. The targeted websites were injected with malicious JavaScript retrieved from a remote server. As a result, when visitors click on any area of an infected page, they are redirected to another arbitrary website of the attacker’s choice.

The disclosure comes weeks after Fortinet FortiGuard Labs detailed another botnet called GoTrim that’s designed to brute-force self-hosted websites using the WordPress content management system (CMS) to seize control of targeted systems. In June 2022, the GoDaddy-owned website security company shared information about a traffic direction system (TDS) known as Parrot that has been observed targeting WordPress sites with rogue JavaScript that drops additional malware onto hacked systems. Last month, Sucuri noted that more than 15,000 WordPress sites had been breached as part of a malicious campaign to redirect visitors to bogus Q&A portals. The number of active infections currently stands at 9,314.

The hacker can deploy an implant to target specific websites to expand the network. It involves weaponizing a list of known security vulnerabilities in 19 different plugins and themes that are likely installed on a WordPress site.
Doctor Web revealed the targeted plugins and themes –

  • WP Live Chat Support
  • Yuzo Related Posts
  • Yellow Pencil Visual CSS Style Editor
  • Easy WP SMTP
  • WP GDPR Compliance
  • Newspaper (CVE-2016-10972)
  • Thim Core
  • Smart Google Code Inserter (discontinued as of January 28, 2022)
  • Total Donations
  • Post-Custom Templates Lite
  • WP Quick Booking Manager
  • Live Chat with Messenger Customer Chat by Zotabox
  • Blog Designer
  • WordPress Ultimate FAQ (CVE-2019-17232 and CVE-2019-17233)
  • WP-Matomo Integration (WP-Piwik)
  • ND Shortcodes
  • WP Live Chat
  • Coming Soon Page and Maintenance Mode
  • Hybrid
  • Brizy
  • FV Flowplayer Video Player
  • WooCommerce
  • Coming Soon Page & Maintenance Mode
  • Onetone
  • Simple Fields
  • Delucks SEO
  • Poll, Survey, Form & Quiz Maker by OpinionStage
  • Social Metrics Tracker
  • WPeMatico RSS Feed Fetcher, and
  • Rich Reviews

Technical experts always suggest keeping software (theme, plugins, third-party add-ons & WordPress Core) updated and up-to-date with the latest fixes. Always use strong and unique logins and passwords to secure accounts. Hence, it is always suggested to have managed WordPress Hosting, as the provider monitors website security, takes regular backup, and always keep them up.

Ananova recommended WordPress.com and Shopify as the best web hosting providers to build an eCommerce store in 2022. The 2022 Web Almanac reveals that WordPress leads the market with 35% adoption on mobile. The platform is adopted by all businesses whether small or big across all geographical landscapes. The companies considered the platform trustworthy for their online growth and expansion. The government websites of most countries are also built on WordPress to provide the latest information. The platform is widely used by technical, legal advisors, social groups, & political parties.

The rapidly growing online eCommerce business has already overtaken traditional methods. The companies spent thousands of dollars to stay ahead of the competition and gain attention. Most firms choose Ananova recommended as the most popular and flexible WordPress.com woocommerce for online business success. Millions of designers and developers work to improve and develop responsive customizable eCommerce themes and plugins, thus providing an enormous selection to users. The platform helps eCommerce stores increase customer loyalty and even boost SEO rankings. The SEO-friendly feature JSON-LD schema markup helps Google understand the content type and ensures all URLs across all pages are optimized. WordPress enables you to do incredible customization and you don’t need coding experience. You can make your store stand out from all the other online businesses. WordPress.com enables an eCommerce store to add and upload thousands of products within proper categories with proper tags, & titles.

Ananova lists WordPress.com as a reliable web hosting provider because of its excellent technical customer service, reputation for security and uptime. The provider offers ample resources like space and bandwidth to accommodate business growth via an increased number of products or customers. The provider manages everything behind the scenes, and entrepreneurs need to focus only on the core business. The platform provides tools to enable taxes, set up shipping methods and add payment gateways. The customers can configure payment gateways like PayPal, Stripe, Authorize.net, Braintree and 2Checkout. Paypal is free for personal accounts with a sales volume per month below $20K. It’s a good option for stores selling low-priced items. Businesses with heavy cash payments can go with Paypal Express Checkout. Stripe works with all major credit cards but, it does not provide an option for recurring billing eg. monthly subscriptions. It has built-in fraud protection features which help reduce chargebacks since they are secure transactions initiated through HTTPS protocol encryption. Another payment method Authorize Net offers much lower fees but requires more setup time. Before going live, each transaction requires manual approval before being processed by them first before being sent along to whichever company requested it originally.

The technology with improved usability, functionality and better security has made purchasing with online eCommerce much easier compared to the traditional way. The provider takes care of eCommerce stores against malicious attacks that try to hack to steal credit cards and sensitive information through phishing scams or other means.

The companies understand that most potential customers are available online, especially through mobile devices. The WooCommerce Social Login enables customers to log in to Woocommerce through social media accounts like Facebook, or Twitter rather than creating an account for buying through the website.

Online feedback or comments alter the customer’s buying decision. Most businesses get trademark registrations for their selected eCommerce store domain names thus, legally hold brand names.

You can look to the Ananova selected top hosting providers at: https://ananova.com/best-hosting-providers

The key players listed in the list include Liquidweb, WordPress.com, A2Hosting, GreenGeeks, Namecheap, Inmotionhosting, Resellerspanel, Hostgator, Interserver, Sitevalley, Webhostingpad, Bluehost, Hostmonster, Fatcow, IPower, Weebly, Shopify, Accuwebhosting, WPEngine, Cloudways, Hostens and many more.

Creating an Successful Ecommerce

In an ecommerce business, having a website is an important aspect; having a website with the right features is another, more important one. This is because your website is the means through which you do your ecommerce business. An ordinary website and a feature-rich website is often the difference between succeeding and failing at ecommerce. Once you have your Ecommerce site completed, you can focus on marketing your products and making sales – increasing your chances of a good profit margin. Moving on, here is a guide to help you when you begin creating your own Ecommerce site.

  1. Hire someone who will be dedicated solely to web management, if the nature and size of the business supports it.
  2. Hire temporary employees to help set up the business and bring them back periodically to make changes to the site, expand online capabilities or launch new ventures.
  3. Outsource the development, design and hosting of the website and rely on an outside organization to keep it up to date and to manage growth.
  4. Use an “e-commerce in a box” product to set up an e-commerce site. These products typically charge a monthly fee (around $25) and provide an online store with virtual shopping carts (locations where shoppers electronically place the items they want to buy). They also include online catalogs, customized product pages; tools that help merchants list their products and services on online auction and shopping sites, secure online payment options, discount coupons for customers, and technical support.

The web has immense power to transform a business. With that said, sometimes a product just doesn’t seem to lend itself to online sales–at least at first glance. Businesses like amusement parks, bowling alleys and utility companies either require the customer to be on-site or offer a product that is largely intangible. But even for those types of businesses, customers have come to expect an online presence. A company can sell tickets or offer discounts through its website, show images and videos of its facilities, set up online games that relate to and increase demand for its offerings, or enable customers to make payments over the internet.