Attack on WordPress – is WordPress secure?

wordpressSecurity firms are reporting a very large attack on what seems to be all sites using WordPress. One WordPress host reported an increase of an average of 40k failed logins per month to 77k failed logins per day! The failed logins are coming from a large amount of different IP-numbers and is therefore hard to block. The advice from Matt Mulleweg, creator of WordPress, is: remove the old standard admin-account (if it still exists), use a strong password and as always, keep your WordPress installation up to date!

This brings up the question “is WordPress a secure platform?”. In my opinion the answer is a resounding YES! If the hackers have a bot network at their disposal and the means of attack is a brute force password attack then there really isn’t much you can do about it. Had WordPress had any known single fatle flaw the hackers would have used that instead. Apparently it doesn’t!

Any platform large enough will be the target of hackers, much like Windows is under heavy attack as a operating system. There have been known bugs in WordPress, allthough the latest such vulnerability was acctually a bug in a popular templates subclass and not in WordPress in itself. The WordPress community quickly responded and fixed the bug.

I feel secure to continue to use WordPress as my main platform for my blogs, so should you!

Having fun with QR-codes

newseedqr

It all started when I saw an extremly complex QR-code for a simple URL. I wondred why they did not use a URL shortener for the QR code so that the code was much simpler and easier to scan.

I then wanted to create a service where you see the difference as you type. The result can be seen here; a QR-code generator that creates codes as you type.

This is a service that lets you create QR codes easy and at the same time clearly displays the complexity of the code. Clicking on the generated QR image changes the error correction level which also demonstrates the complexity.

Feel free to use this service to either generate your QR codes (but you need to download them to use them, they cannot be hotlinked) or simply to generate a code for a piece of data you want to transfer to your smartphone!