Why Your WordPress Site Is Never Really Secure

Update: On Monday, December 18, 2017, there was a massive distributed brute force attack targeting WordPress sites. The attack used a large number of attacking IPs where each IP generated a huge number of these attacks. It is the largest, most aggressive breach to date, with over 14.1 million brute force attempts per hour.


WordPress security solutions are mere bandaids, subject to more attacks in the future.

Attacks like these are why your Wordpress is never really secure. With more than 87 million sites worldwide, WordPress is the leading CMS of the internet. But being a leader in your space doesn't come without its pitfalls. WordPress's massive site structure has opened them up to many security threats since the software's 2003 launch.

Another severe hacking event shocked WP users in February 2017, when attackers penetrated 1.5 million sites thanks to a loophole within the WordPress REST API. The REST API was touted as a connector to enhance communication with other web programs, revolutionizing WP's own outdated API. A vulnerability in the REST API allowed hackers to infiltrate nearly 2 million sites — compromising up to 350,000 sites in one campaign alone.

The only way WordPress core developers can patch significant vulnerabilities within their software is to deploy patches in the form of product updates. WP has deployed 238 releases over the past 14 years, and many of them have been to fix security problems.

Still, many site developers disable the automatic update feature because it could impact their site's design and function. About 5% of WordPress sites are not updated with the latest, most secure version.

Securing your WordPress site is costly, too. Simply purchasing a WordPress site isn't enough to protect your data. Users have to buy WordPress security plugins and installs from third-party companies to not only protect their site, but stay updated on new vulnerabilities.

One of the primary reasons WordPress is open to security threats is because it operates as a decentralized CMS. That means each site — all 87M+ of them — has to be updated individually. So every time there is a security threat or a big fix, those updates are not completed on a set timeline. The time it takes for your site to be updated could be catastrophic.

RebelMouse is a centralized CMS, which means all of our updates are quickly deployed at once to every site we power. We often deploy multiple updates every day. Our proprietary technology is protected internally, making it nearly impossible for a hacker to crack.

Site security is one of the many reasons RebelMouse is the best CMS. Join us and reach a larger audience — safely.

Why RebelMouse Is the Best Content Marketing Platform

RebelMouse is a unique platform and company. The company was founded on the vision that media companies would need an always-modern solution to thrive in the new connected internet, and that brands would have to behave like new media companies and use the same platforms.

Keep reading... Show less

Why Premium Creative Agencies and CTOs Choose to Develop on RebelMouse vs. WordPress and Drupal

The Intersection of Design and Development: Where Your Clients Thrive

We started RebelMouse seven years ago knowing that there was a fundamental design flaw in the world of traditional CMSs: Every instance, on every platform, had to be updated independently. It's similar to an era when users had to manage their own Microsoft Exchange Server for email. The costs of managing, maintaining, and iterating on a CMS to keep it awesome and world class is typically a $10 million-a-year endeavor. But even then, these cost-prohibitive CMSs are still behind the times.

Keep reading... Show less

Native Multivariate Testing at Scale With RebelMouse

What Differentiates Our Approach

There are many popular tools that allow you to perform experiments and A/B tests on your users — primarily Google Chrome Experiments and Optimizely. But all of these solutions are JavaScript additions to your web page that sidestep the problem of old, outdated, and clumsy CMSs. These solutions work by calling on a third-party JavaScript library that rewrites a page after it's rendered. This approach adds extra page weight and creates strange user experiences due to having to wait for everything to load and be rewritten on the fly.

At RebelMouse, we've solved this in a very elegant way. At the core level of our platform, we can natively render different layouts and track the exact differences in performance when comparing a test to your other layouts.

Keep reading... Show less

Modern E-Commerce: Blur the Line Between Content and Design

Create Modular + Reusable Design Patterns on RebelMouse

Content saturation is an industry-wide problem, and the e-commerce space is no exception given that it's filled with big brands, small Etsy stores, and everyone in between all fighting for similar audiences. The best way to fight this symptom is to understand your audience and provide them with what they want.

Keep reading... Show less

Instagram-style E-commerce Features on RebelMouse

Revolutionizing E-commerce on RebelMouse

Whether you're a brand with a blog or a media company with a site, driving purchasing behavior and building an audience that uses your content to find things they love to buy is vital. We're very proud to have built out the same functionality that everyone is now used to on Instagram, with layovers on images that lead to products with attribution.

Keep reading... Show less

Building Premium Communities and User Journeys on RebelMouse

RebelMouse is much more than just a replacement for a traditional CMS. Our platform is a tremendous community-building experience. Today's social ecosystem has given us a seemingly limitless number of premium creators who understand how to create gorgeous and relevant content that drives the growth of their own audiences. These creators and influencers are either experts in certain topics, or heavily engaged in targeted content that drives their interests. They're not only consuming the content they're passionate about, but they're contributing to the conversation, too. The new role of the editor is not just to cover the most important topics and people around their expertise, but also to invite those preferred influencers into their community and get them to participate in creating premium content.

Keep reading... Show less

Dynamic Voting: Grow Traffic and Engagement Organically

Help your audience find its voice.

Creating quality content is no longer on marketers alone. We live in a universe of creators who are willing to not only consume content that resonates, but play a role in the creation, promotion, and conversations surrounding it.

Since the start of RebelMouse, we've been on a journey to create dynamic media that is easier for content creators to curate and amplify on social. It's why we've built an online engagement platform centered around the power of communities that thrive naturally in the digital ecosystem.

Keep reading... Show less

How to Monetize Your Website in Today’s Publishing Environment

In order to define distributive publishing, we have to ask the following question: If you have quality content, but nobody sees it, does it even exist? The answer is no, because your content needs to be supported in a way that lets it move seamlessly across all channels, especially site, search, and social. But let's take this question a step further: If you can't monetize your content to generate the support it needs, how do you create quality content in the first place?

Keep reading... Show less

Optimizing Tweets for Zero CLS Penalties

Tweets are a very popular embed for media sites. They can contain lots of information and drive lots of traffic, and we have worked very hard to make it super easy for writers and editors to embed them by simply dropping a link into our Add Media Bar.

Keep reading... Show less

RebelMouse and Amazon Onsite Associates Program

Amazon has recently begun adding editorial content to the search results on their site. This is a part of their Onsite Associates Program (OSP), which is an extension of their Amazon Associates (affiliate) program.

This is a really cool way for Amazon to pull in third-party content that discusses a particular product type to enhance listings, and it's a great way to give users detailed information about products that is divorced from the actual seller of the product. We've recently updated our RSS Feed structure so that you can easily send your content to Amazon to take advantage of this program.

Keep reading... Show less

Google Page Experience Now Live in Search Console

Google has recently introduced a new page in Search Console, the Page Experience report. When you have Search Console properly set up, you will be able to access the Page Experience report directly from the side menu (currently this is only available for mobile pages). We will describe the features included in this report in detail, but briefly, Page Experience report provides a general overview of the user experience on your site.

Keep reading... Show less

RebelMouse & Parse.ly Integration

Are you using Parse.ly to track your content analytics? Well good news! We've recently completed an integration with Parse.ly that allows you to easily connect your RebelMouse system to your Parse.ly instance.

Keep reading... Show less
Subscribe to Our Newsletter