As a web designer “moonlighting” as a Certified Ethical Hacker (yeah, it's as cool as it sounds), I’ve witnessed WordPress security flaws that could fuel my own cyber-noir series. And sadly, I've seen businesses take a significant hit, sometimes one they don't recover from. The latest WP horror show discussed in BleepingComputer's recent article. Over 150,000 WordPress sites are vulnerable thanks to a plugin that's basically a VIP pass for cyber fuckery.
The article discusses a convenient little flaw in the POST SMTP Mailer plugin – think of it as the Death Star's exhaust port but for websites. Two vulnerabilities, labeled as CVE-2023-6875 and CVE-2023-7027, are the culprits here. They're not just small glitches; they’re open invitations for a full-scale takeover, turning your website into a puppet for well, more fuckery..but now YOUR site has become a new source of fuckery! If you're on a host they will likely shut your site down after they get enough complaints or the server starts throwing flags. If it's your own server, well then strap in and get some coffee, it’s gonna be a long night. In either case your brand and possibly your bank account just took a hit.
Can you reasonably secure Wordpress? Sure, but get ready to burn cash, time, and sanity on plugins and airtight server maintenance. I’ve built WordPress servers on hosted services and my own metal. It was fun, super educational, would totally recommend for a hobby project or a blog for your kid's goldfish. But for a serious business website? Hard pass. If you need a for real website go get a wix account and focus on your business.
WIX you say? 🤔
Full disclosure, I’m an affiliate, but I’m not praising for paychecks. It's the smart play. I migrated my site to wix years ago and have since built over 300 sites on it. It’s a great platform. Recently, they have been adding Ai features. I genuinely dig what they're doing.
Wix is like a bank that provides centralized, robust security for all its accounts, ensuring comprehensive protection and professional oversight for every website on its platform. In contrast, WordPress resembles a collection of individual safe deposit boxes, where each website owner is responsible for their own security, requiring personal vigilance and management to safeguard their digital assets.
Wix is it’s own ecosystem providing a secure framework without limiting creativity. It’s a Swiss Army knife for online presence. From e-commerce to SEO, it's got the tools built-in, so rather than fishing for plugins you focus on your business or brand and let Wix do the heavy lifting of cybersecurity and server maintenance.
So, here's the wrap-up.. 1, WordPress is for fish blogs only! Like onlyfish.com or something like that. 2. Wix is a smarter choice that lets you concentrate on your strengths and business growth. 3. I need to start my own cyber-noir series and I like the word fuckery!