We Be HostiN Forums

Knowledge Base => General Knowledge Base => Topic started by: earnolmartin on January 18, 2016, 10:26:25 am



Title: WordPress Requirements to Prevent Server Abuse
Post by: earnolmartin on January 18, 2016, 10:26:25 am
We Be HostiN supports easy installation of WordPress through our control panel or via manual installation.  WordPress is a decent open source platform, but it's not perfect.

A security issue has been identified (https://wordpress.org/support/topic/wordpress-44-xml-rpc-exploits-still-not-fixed?replies=25&view=all) that slows the server to a crawl due to an exploit found in WordPress code.  As such, We Be HostiN is requiring all clients to install the Disable XML-RPC Pingbacks plugin (https://wordpress.org/plugins/disable-xml-rpc-pingback/) through the WordPress administrator control panel.  This needs to be done for EACH installation of WordPress you run.  

Until this issue is fixed, action must be taken.  If your WordPress installation is NOT running this plugin, the server is open to attack which results in a poorer quality of service for all our customers.  Please install this plugin for every WordPress installation you have.

Also, WordPress is evidently quite open to attacks in general.  Please also install the free version of the Wordfence security plugin (https://wordpress.org/plugins/wordfence/) for EACH installation of WordPress you run.  Run a scan to see if any of your files have been exploited or if any of your plugins & themes need updates. We Be HostiN recently discovered one of our WordPress installations sending massive amounts of spam in a fashion similar to the one described here (https://aw-snap.info/articles/spam-hack-wordpress.php).

Here's a video showing how to install and use the Wordfence and Disable XML-RPC Pingbacks plugin:

http://www.youtube.com/watch?v=86XnVANFavM

Failure to comply with these requirements may result in account suspension until the problem is rectified. We're serious about providing the best hosting experience for each of our customers, so please help keep the server secure and spam free.

Thank you for your cooperation in helping to keep We Be HostiN one of the best hosts in the industry.