Secure Your WordPress Website Against Mac Malware

Looks like the Mac is finally getting what’s been coming: Mac Malware. And lots of it just recently with the Flashback infection that apparently impacted up to 700,000 Macs. We’ve all heard it from the Mac bigots: One of the main reasons I use a Mac is because of all those viruses and junk on Windows. I can understand that logic. Macs have indeed flown under the radar for years. But now that they’re in the spotlight, they’re a target for criminal hackers and others with nothing better to do.

I could wax poetic over Macs and malware but that’s not what I have on my mind. Instead, it’s all those darned WordPress sites that are unmaintained, exposed to web security threats and waiting to become a part of the web security problem. The recent version 3.3.2 update of WordPress fixes a slew of problems including cross-site scripting and cross-site request forgery. Sure, these may not be a huge problem to a local bakery or landscaper that maintains his or her web presence on WordPress. Rather, the update underscores how many under-secured and flat-out mismanaged WordPress-based sites there are on the web.

As the Flashback botnet has shown us, someone with an unsecured website no longer has just a personal problem. It’s creating an Internet problem. Heck, if application security only impacted people and businesses and nothing else, we’d all be out of work. The way I see it, the people choosing to ignore web security threats are creating hazards for the entire web. This is something that’s been impacting Windows systems for years. Now it’s time for Macs to get in the ring.

There’s a universal law that applies to everything we do in life and work: you cannot fix what you don’t acknowledge. Nor can you secure it. If you have your own WordPress sites, bring them under the umbrella of web security testing so you can fix the silly low-hanging fruit that’s waiting to be exploited. Acunetix Web Vulnerability Scanner can help. On top of that, look at some of the technologies like Acunetix’s WP Security plugin that help lock down and monitor WordPress and similar platforms for malware and other web security threats. Whatever you do, just do something.

Kevin Beaver

Kevin is an information security consultant with 30 years of experience, providing independent security assessments and penetration tests, security consulting and virtual CISO services, writing and security content development, and speaking engagements (keynotes, panel discussions, and webinars).

  • I understand the frustration caused by people who don’t maintain websites properly, but let’s not forget that the people who are ‘creating hazards for the entire web’ are the criminals who keep trying to hack into and abuse websites. Blaming the honest people who have websites but perhaps don’t have sufficient technical skills to keep their security bang up-to-date for the actions of criminals is a little unfair.

    And ‘Mac bigots’? That’s surely bordering on offensive.

    • Hi Simon,

      We are not blaming anyone. We are just trying to raise awareness and let every webmaster know how important it is to secure a website.

  • Ironically, Acunetix doesn’t even run on Macs!

    And I’m with Simon in saying that the use of the word ‘bigot’ is unnecessary and a tad low. I for one won’t be ‘liking’ your Facebook page….

    Maybe if you get it ported….

  • Sorry my approach offends you Simon.

    I’m calling things as I see them. Like how drivers choose to get on the road with improper equipment and users who proclaim that security is “not my concern”, many people ignore the big picture and it’s dangerous for everyone involved.

    Regarding the Mac comment, I’ve worked with plenty of people over the years who are lightning quick to point out that all of my Windows-based problems can be solved with a Mac. We all have our strong opinions about technologies we love/hate. My bigotry used to be for Novell NetWare and you can see where that got me! 🙂

    We can pretend these things don’t exist but they do. Somebody’s gotta say it.
