
Thread: IMPORTANT SECURITY UPDATES : WordPress & Joomla CMS!


    Dear customers,

    INFORMATION:

    As a popular way to build blogs, news portals and corporate sites, the WordPress and Joomla content management systems (CMS) are very widely deployed, and that popularity makes them a natural target for attackers. Many WordPress and Joomla sites are under near-constant attack from botnets (collections of compromised computers controlled by a malicious program, commonly used to launch distributed denial-of-service attacks or to send spam) that try to obtain administrator passwords by brute force. For at least a year now, attackers have been using servers compromised in this way, mostly through these two CMSes, to launch distributed denial-of-service (DDoS) attacks against financial institutions and companies in other industries. Alleged hacktivists have targeted financial institutions since last September, flooding the victims with tens of gigabits per second of traffic together with specially crafted requests designed to tie up or crash the targeted servers.

    Out of the box, WordPress and Joomla installations have traditionally created their top-level administrator account (the Super Administrator in Joomla) with the username 'admin', and even where the installer now lets you pick a different name, 'admin' is the suggested default that many people accept. This account manages the whole site from the back end. During installation you are asked to give it a password, which can be simple (easy to guess) or complex (a mixture of letters, numbers and special characters). Because the username of this highly privileged account is public knowledge, half of the credential pair is already known to an attacker, and the security of the account rests entirely on the password: all the attacker has to do is keep guessing passwords until one works.

    Recently attackers launched a major password-guessing (brute-forcing) campaign against WordPress and Joomla powered sites. Interestingly, the attacks appear to target only sites that still use the default "admin" username for back-end administration; however, this is very likely only the beginning. Security analysts and IT companies fear that the attackers are trying to build a botnet far more powerful than any seen before. The current attack, run from a botnet of home computers, seeks out websites and blogs that use the default "admin" username and may have weak passwords. The attack software tries to log into each site's administration panel with a default username such as "admin" or "administrator" and thousands of popular passwords. Even if only a small percentage of attempts succeed, averaged over tens of thousands of WordPress and Joomla sites that still yields hundreds or thousands of compromised servers.

    Currently, over 250,000 IP addresses are being used to launch these brute-force attacks, each trying thousands of passwords against WordPress sites. Right now the botnet consists only of home PCs, but the attackers could soon add the far more powerful servers that host these WordPress sites and build a much stronger botnet from them.
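    The brute-force pattern described above is easy to spot in the web server's access log: a single source IP posting repeatedly to the WordPress or Joomla login URL, with a successful guess showing up as a redirect after a run of failed attempts. The script below is an added example written for this post, not code from WordPress, Joomla or the hosting provider. It parses constructed Apache "combined" log lines (not real traffic), counts login POSTs per source IP, flags sources over a threshold, and, for WordPress only, applies the heuristic (an assumption about WordPress behaviour) that a failed login re-renders the form with HTTP 200 while a successful login redirects with 302. The Joomla back end redirects on both success and failure, so for /administrator/index.php only the attempt count is used.

```python
import re
from collections import defaultdict

# Paths whose POST requests are login attempts: WordPress and the Joomla back end.
LOGIN_PATHS = {"/wp-login.php", "/administrator/index.php"}

# Apache/nginx "combined" log format: client IP, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log (not real traffic): one brute-forcing host against
# WordPress that eventually gets in, one slow scanner against Joomla, and
# one legitimate WordPress login (GET the form, then a single POST).
SAMPLE_LOG = """\
203.0.113.5 - - [12/Oct/2013:02:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Oct/2013:02:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Oct/2013:02:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Oct/2013:02:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Oct/2013:02:14:04 +0000] "POST /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Oct/2013:02:14:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Oct/2013:02:14:05 +0000] "POST /administrator/index.php HTTP/1.1" 303 0 "-" "python-requests/1.2"
198.51.100.7 - - [12/Oct/2013:02:16:40 +0000] "POST /administrator/index.php HTTP/1.1" 303 0 "-" "python-requests/1.2"
198.51.100.7 - - [12/Oct/2013:02:19:12 +0000] "POST /administrator/index.php HTTP/1.1" 303 0 "-" "python-requests/1.2"
192.0.2.10 - - [12/Oct/2013:02:20:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3921 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Oct/2013:02:20:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Oct/2013:02:20:10 +0000] "GET /wp-admin/ HTTP/1.1" 200 15022 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Return (ip, method, path, status) for one log line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0]  # ignore the query string
    return m.group("ip"), m.group("method"), path, int(m.group("status"))


def analyze(log_text, threshold=5, failures_before_success=3):
    """Count login POSTs per source IP and flag brute-force sources.

    Returns a dict with:
      attempts:           {ip: number of POSTs to a login path}
      flagged:            sorted IPs with attempts >= threshold
      sources:            number of distinct IPs posting to a login path
                          (many sources at once is the distributed signal)
      suspicious_success: sorted IPs whose wp-login.php POST answered with a
                          redirect after at least `failures_before_success`
                          200 responses (WordPress heuristic, see lead-in)
    """
    attempts = defaultdict(int)
    wp_failed = defaultdict(int)
    suspicious_success = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ip, method, path, status = rec
        if method != "POST" or path not in LOGIN_PATHS:
            continue
        attempts[ip] += 1
        if path == "/wp-login.php":
            if status == 200:
                wp_failed[ip] += 1  # form re-rendered: failed guess
            elif status in (302, 303) and wp_failed[ip] >= failures_before_success:
                suspicious_success.add(ip)  # redirect after failures: likely a hit
    flagged = sorted(ip for ip, n in attempts.items() if n >= threshold)
    return {
        "attempts": dict(attempts),
        "flagged": flagged,
        "sources": len(attempts),
        "suspicious_success": sorted(suspicious_success),
    }


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    print("login POSTs per source:", result["attempts"])
    print("brute-force sources:", result["flagged"])
    print("distinct sources hitting login pages:", result["sources"])
    print("sources that likely guessed a password:", result["suspicious_success"])
```

    On the sample data the host 203.0.113.5 is flagged both for volume and because its sixth POST was answered with a redirect after five failures; the legitimate user at 192.0.2.10 is not, since it logged in with a single POST. On a real server, run the same logic over /var/log/apache2/access.log (or the nginx equivalent) and treat any IP in suspicious_success as a reason to reset that site's administrator password and review its users immediately.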

    SOLUTION:

    By changing the username to something harder to guess, you make the account considerably harder to attack: an attacker must now guess both the username and the password, not just the password, and the current campaign only tries the default names at all. Bear in mind, though, that WordPress can reveal usernames through author archive URLs (for example /?author=1 redirects to /author/<username>/) and in post bylines, so treat the rename as a useful but modest gain and the strong password as the real defense.

    If your administrator account is still called "admin" or "administrator", change the username now using the directions below, and set a strong password on it at the same time. In future, whenever you set up WordPress, Joomla or any similar platform, give the administrator account a unique name instead of accepting the default "admin" or "administrator". Once done, your site is no longer a target of this particular campaign, which only tries the default usernames.

    DIRECTIONS:

    WordPress: Create a second administrator user, log in as that user, then delete the "admin" user:


    1. Log in to your WordPress admin area.
    2. Click "Add New" in the "Users" menu and fill in the details for the new user account. WordPress requires a different e-mail address from the one on the "admin" account.
    3. IMP: Make sure you select "Administrator" as the role for this new user.
    4. Choose a hard-to-guess password. I recommend using a combination of uppercase and lowercase letters, numbers and symbols.
    5. Click the "Add User" button.
    6. Log out of WordPress and log back in with your new username.
    7. Click "All Users" in the "Users" menu.
    8. Hover the mouse over the "admin" row. You will see links for "Edit" and "Delete". Click "Delete".
    9. IMP: Select "Attribute all posts & links to" and choose your new username from the drop-down list; otherwise the content created by "admin" is deleted along with the account.
    10. Click the "Confirm Deletion" button.
    11. Your administrator username is now changed, and all posts that were created by "admin" have been reassigned to your new username.



    EDIT: Please refer to THIS LINK for complete information on securing WordPress.

    Joomla: Similar to the above, but no user needs to be deleted, just renamed:


    1. Log in to the Joomla administrator back end (the /administrator path of your site).
    2. Open the User Manager.
    3. Open the 'admin' user record.
    4. Change the value in the username field (a secure username contains a mixture of letters and numbers) and, if you have not already done so, set a strong password in the same form.
    5. Save, and you're done.



    Please get in touch with our Support Helpdesk (24x7) if you have any queries or concerns, or need any information or assistance with the above; we'd be glad to help you secure your websites and servers.

    Good Luck!
    Last edited by axisdavid; 10-14-2013 at 12:31 PM.
