The Panama Papers and WordPress Security

A hacker with a hood with laptop. Online network danger.WordPress is without a doubt the best, most flexible platform for a small business website. We suggest it for every business we work with, and half of the tools we recommend are WordPress plugins or add-ons. Simply put, if you aren’t using WordPress for your website, you are missing out on tons of functionality.

But, like an operating system on your computer, with all that functionality comes some concern for security.

Recently, hackers were able to access over 4.8 Million emails from the Panamanian law and accounting firm Mossack Fonseca. The resulting data leak, dubbed by the press as the “Panama Papers,” was the largest in history, and contained evidence of tax evasion by countless public officials and figures worldwide.

Some cyber security firms are blaming Mossack Fonseca’s outdated WordPress website as the source of the breach.

So what does this mean for you, your website and your business? Are you at risk for a data breach? The simple answer is no, but you must keep your guard up and your website up-to-date.

The Panama Papers

The Panama Papers are just the latest and largest in an increasingly common trend of high-profile data leaks. Unlike recent data leaks from large retailers that targeted credit card numbers and financial information from individual customers, this leak was focused on the release of sensitive data to the press to embarrass world leaders and tax evaders.

The leak has been a massive, worldwide story, and journalists haven’t been able to sift through all of the data yet. There are over 2,600 GB of leaked data, which is more than any other major data leak in history combined. For context, the Wikileaks data leak of 2010 was just 1.7 GB.

Not only do the papers contain information on tax evaders, which is legal but frowned upon by most countries, they also contain evidence of more serious crimes such as money laundering and fraud.

The leak directly implicates 12 current or former heads of state in these activities as well, including Russian President Vladimir Putin, and has already resulted in the resignation of Iceland’s Prime Minister.

Also, several other world leaders are indirectly implicated, like Prime Minister of Great Britian, David Cameron.

How did this happen?

WordFence has a nice breakdown of the nitty-gritty details, but a majority of the data was captured by exploiting a weakness in Mossack Fonseca’s WordPress website.

Mossack Fonseca was running a plugin on their site called Revolution Slider. The plugin ran most of their visual features and is a pretty popular and powerful WordPress design tool.

Every plugin or add-on can add a vulnerability to your site. Developers are not perfect, and it is impossible to create a perfect code the first time. That is why most plugin developers release regular software updates. Unfortunately, Mossack Fonseca hadn’t updated the plugin and left some vulnerabilities that were patched in later versions. Wordfence has a video of how hackers were able to exploit this plugin.

Once inside the website, the hackers were then able to access Mossack Fonseca’s email server because they had another plugin that allowed them to send mail through the website. This plugin had no vulnerabilities and was fully updated, but once the hackers were in, it was already too late.

Should I be worried about my site?

The answer to this question isn’t that simple. Mossack Fonseca was a target here mainly because they were involved in potentially illicit activities with high-profile clients and lots of money. The hackers were sophisticated, more so than your general cyber-criminal, and would probably only target businesses like these with high stakes.

But any small business can be at risk for cyber crime, particularly if you handle some of your commerce online. There are plenty of cyber criminals looking to make an easy buck off stolen credit card information.

That’s why you should take away the following lessons from this incident: pay attention to your website, and update your plugins regularly.

Be sure not to leave your website running in the background without maintenance for too long. Hackers and criminals move quickly, and developers are forced to respond just as quickly. If a developer releases an update that includes security features, assume it is because someone somewhere has figured out a way in. You must be willing to update your site regularly to prevent the next person from figuring it out.

Alex-Boyer-Photo-150x150-e1420769709443.jpgAlex Boyer is a Community Manager and Content Ninja for Duct Tape Marketing. You can connect with him on Twitter @AlexBoyerKC

WordPress Plays a Key Role in Improving Reviews and Ratings

WordPress Plays a Key Role in Improving Reviews and Ratings - Duct Tape Marketing

photo credit: Pixabay

Blogging is a great way to let your inner author awaken. The best part about blogging is that you don’t have to stick to a set of topics or even a theme. Even if you own a food blog, you can create a post or two about travelling. WordPress is one of the leading websites in the blogosphere and there are more than a few reasons why. It has a huge user base and the bloggers on WordPress are far from being dormant. They comprise of an active lot who have healthy reviews on your content, with feedback that is often welcome.

One of the key features of WordPress is that it has an array of plugins at its disposal. Plugins are basically extensions of other websites or services which can enhance the experience on your blog. There is a directory of plugins to choose from for every feature that WordPress offers. From social media,

WordPress Plays a Key Role in Improving Reviews and Ratings - Duct Tape Marketing

photo credit: Reviewleap

forums, polls to review and rating plugins, there are thousands of compatible plugins that even a novice can incorporate in their blog. For developers, WordPress even allows you to create plugins, adding even more versatility. If you use the review and ratings plugin feature that is pre-coded, you will even have access to review alerts and ultimately be able to analyse your work in a more productive and positive manner.

The user interface on WordPress is uniquely easy to use and understand. It has been designed with care and precision, specifically keeping the ease of use in mind. WordPress lets you focus on what matters the most- your content. Its motto of being simplistic allows you to get your content (and thoughts) publishes with minimal hassles. It can be personalised for what represents your blog the best- be it a travel blog, a business website or a blog that is completely personal.

The five best WordPress plugins are the ones that add the most to your blog’s personality. While some are basic plugins that are good for any kind of blog, there will be some plugins which are more customised for your requirements. Some of the generic plugins which every blog should consider having are:

  1. WordPress SEO, by Yoast. If you have a blog that doesn’t come up on web searches, your viewership will dwindle. Ensure that your website is visible to those who are looking for content similar to what you gave to offer.
  2. Widget Logic is a plugin that functions in tandem with the widgets you have on the blog. This will give you the choice to decide which widget appears on what part of the blog or a page on your blog.
  3. Google Libraries will help you to save bandwidth by substituting JavaScript libraries on from your local server with the CDN that Google has.
  4. The Author Post Ratings plugin is different from other review plugins, in the sense that it allows the author to rate the posts and features that feedback on the website. It is a light plugin and ideal for those who want to control how the reviews are published on the site.
  5. Broken Link checker plugin is a life saver for SEO. The dreaded 404 error message can spell doom for a fledgling or successful blog since these are dead links that lead nowhere. This plugin will help rectify such broken links and save you the embarrassment.
WordPress Plays a Key Role in Improving Reviews and Ratings - Duct Tape Marketing

photo credit: Reviewleap

Feedback is what drives any writer or blogger to create better things in future. WordPress makes it as easy as installing a plugin (if you want something specific) or you can even choose the option from their built-in settings. Also, Feedback forms can be incorporated into the top, middle or bottom of your post or a particular page. The freedom to place, position and use these forms adds to the how easy it is to use WordPress.

You can also get feedback from built-in comments’ feed on your posts which can be moderated and tweaked. Depending on what kind of feedback you want displayed on your blog, WordPress allows you to filter and block spam comments before they appear on your website. This will help you to implement a regulation system to filter fake reviews that only aim to generate negativity on your blog. The easy notification bar alerts you of any comment that features on your blog. You have the freedom to choose what details of the commenter will show on the blog and can even disapprove of a comment that you feel is unworthy of being featured online.

WordPress has become the leader in hosting blogs and providing domains for those who wish to have a personal website for their blog. Its gigantic user base, ease of access, simplicity and customizability make it one of the finest ways to let the world know you and your thoughts.

JoelJoel Cordle is CEO of review leap and a digital marketer. He is serious about his online presence. He likes to be active in social media market so he always keeps himself updated about the strategies used for presence. As he enjoys reading and writing about marketing and online reputation, his hobby is to write different blogs about reviews, ratings, negative feedback, review alerts etc. He is a good advisor and he keeps suggesting people about how one can develop his online personality.

6 Essential WordPress Plugins

WordPress is a great platform for most business owners. It’s flexible, adapting to your needs and desires to make your website perfect for your business. It’s constantly up to date, with regular maintenance that keeps your site running fast. Frankly,…

Read More