6Scan LTD (www.6Scan.com), a leader in website monitoring and security for small businesses, responds to ongoing brute force attacks on WordPress websites by offering a free service for web hosting companies. With 6Scan’s cPanel plug-in installed on Linux servers, hosting companies can now offer their customers free vulnerability scanning and one-click automated repair.
As reported in multiple sources, hackers are using a home-grown botnet to execute brute force attacks against WordPress websites, using the username “admin” and commonly used passwords to seek entry. The attacks started last week and are still ongoing, and it is estimated that more than 100,000 websites are now infected. The goal of the attack is to install backdoors onto web servers, which are more powerful than desktops and are more valuable as a botnet.
“This threat is sophisticated and significant in scope,” according to 6Scan Cofounder Nitzan Miron. “However, defending against these types of attacks should not be complex, nor should it be costly. The program we’ve developed benefits the entire website ecosystem: web hosting companies, website owners and website visitors. These benefits are available at no cost to the hosting companies or site owners.”
During the initial days of the WordPress attack, 6Scan-protected websites saw a surge of 40% in malicious requests, reported Miron, who added that not a single 6Scan customer website was breached. As documented in recent reports from Verizon and Symantec, the threat to small businesses from cyber-attacks is growing. Add to that the enormous popularity of WordPress, and these types of attacks are inevitable.
“This is really a wake-up call for website owners and hosts,” said Bryan Muthig, CEO at A2 Hosting. “It’s critical for WordPress site owners to cover the basics, like strong passwords and updated software. On top of that free security services can really help increase protection for both the hosts and website owners.”
6Scan’s roots run deep in the WordPress community. In 2011, 6Scan launched a WordPress plug-in to scan for vulnerabilities. In early 2013, it released a full-featured, cloud-based service that delivers scanning, vulnerability fixing and malware removal across any Linux-based CMS.
“The WordPress community is really vibrant. Our goal at 6Scan is to provide state-of-the-art security so that its members can focus on creating great websites,” Miron said.
Website owners and administrators who run the WordPress content management system can download 6Scan’s free WordPress plug-in at http://wordpress.org/extend/plugins/6scan-protection/
6Scan is the world’s first website protection suite to offer automatic detection and fixing of security vulnerabilities. 6Scan’s technology combines both active and passive protection, providing levels of security previously unavailable to all but the most high-end (and high-budget) sites. The product is easy-to-use and designed for website owners with no technical or security knowledge, and its pricing is affordable even for small websites. For more information, please visit http://www.6scan.com or email info(at)6scan(dot)com.