WordPress websites targeted hundreds of time per month finds survey

Person editing a WordPress site
(Image credit: Pixabay)

The WordPress sites of businesses around the world are constantly under attack according to new data from the website maintenance firm Glow which revealed that hackers try to login to organization's sites on average 3.5bn times per day.

Based on data collected through the Glow app, there were a total of 52,589 suspicious logins attempted across small business websites protected by the service during September of this year. Taking into account the average of 1,421 login attempts per site last month, WordPress sites using Glow experienced an average of 47 hacking attempts per day.

As WordPress is the world's most popular CMS powering 75m websites worldwide, the overall average attempts equates to a massive 3.5bn per site, per day.

Glow's founder Phil Storey explained why he launched the website maintenance app earlier this year in a press release, saying:

“Website maintenance has always been a difficult service to sell due to lack of understanding about its importance and perceived costs, and it’s often something people only explore once they become a victim of a website issue. I developed Glow to change all of that and educate people about maintaining their websites and protecting the future of their businesses, and we’re already beginning to see changes in people’s views, however, there’s a long way to go and the time to act is now.”

Targeting WordPress sites

The annual cost of cyberattacks, which includes website hacks, to the small business community is estimated to amount to $5.9bn according to the Federation of Small Business (FSB).

Cybercriminals use a variety of different tools and techniques to carry out these attacks and they often target websites with known vulnerabilities. Despite the risks, many businesses and site owners fail to regularly update their sites which allows attackers to leverage unpatched vulnerabilities in their attacks.

According to WebARX's 2020 security survey, only 45 percent of respondents admitted to taking proper measures to protect the sites they are responsible for due to the difficulties of selling maintenance to clients. At the same time, 73 percent of digital agencies and freelancers are becoming increasingly worried about website security.

For businesses that often fall behind when it comes to updating WordPress, switching to a web host that offers managed WordPress plans may be one way to help improve website security.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.