WordPress Zero Day Vulnerability: Prevent With Zesty.io

How can you stay safe from the next WordPress vulnerability?

WordPress Zero Day Vulnerability: Prevent With Zesty.io

Chloe Spilotro 02.08.2017

Security attacks on websites are attempted all day, every day: the concern is whether those attacks actually deface the website, steal user data, bring down the website, etc. Recently, WordPress discovered a major vulnerability through one of their Rest API’s that has compromised thousands of users websites. Bad actors could use this API to add or change content to the website at will; essentially giving these bad actors control over the look, feel, and content on affected websites.

Thankfully WordPress discovered this vulnerability, was able to notify their customers, and now is alerting those affected to update their websites accordingly. However, what if those users do not? They are sitting ducks until it’s too late.

Even if a potentially affected WordPress website is updated and secure now, it could have easily been compromised. This vulnerability gave bad actors access to a business's website(s) allowing them to change their content.

On Zesty.io, we work diligently to prevent these issues before they arise. Security is paramount, and our engineers work vigilantly to automatically provide security updates to our users and push those updates out accordingly. By taking all of the responsibility for our platform security, we minimize the possibility for bad actors to affect our clients’ sites. Additionally, we automatically provide all of our clients protection against DDoS attacks. This is largely done through our implantation of CloudFlare, software designed to detect and stop any DDoS attack attempts before they impact users visiting a webpage.

We can control a lot of external protection for sites, but we also provide tools for our clients to protect their sites internally. We are proud to offer two-factor authentication powered by our partner Authy for clients who take additional precautions by adding another layer of security. In addition, with Zesty.io, site administrators have the ability to assign user roles and permissions. These can be extremely granular, allowing certain users Contributor status, which means they can add content, but not publish it. This allows each user to be secure in what they can change on the website and the parts they can not. For those who manage multiple sites on Zesty.io, those permissions are on a per-site basis: meaning someone can be a publisher for one microsite and a contributor on the main site. These permissions and controls help to streamline internal workflow but also provide that extra security so updates to the site can be made only by those who need to be making those changes.

The tech community is very transparent, and we do our best to learn from each other. While we’re glad WordPress was able to catch this vulnerability, we’ve purposefully built our platform to learn from those mistakes early on and prevent such vulnerabilities from happening in the first place. Our architecture is what makes us different, and we’re proud to provide our clients unparalleled security measures. If you’re concerned about whether your site is secure or not, feel free to email us at sales@zesty.io to discuss any concerns.

Experience a Headless Content Management System, Join Zesty.io.


Start a Sandbox Now

More from Mindshare: Content Marketing

Placeholder image

SEO Content Writing: The 2018 Rulebook

Increase your chances that your content will be seen and shared, that it will be seen favorably by Google, and

Read Article
Placeholder image

Top Tips for Optimizing SEO in 2019

Calling all content strategists: get ahead of the curve in 2019 with these tips for optimizing your content to rank

Read Article
Placeholder image

How to Choose the Best CMS Platforms for Marketing

We’ve created a checklist to pinpoint how to choose the best CMS platforms that can take digital experiences next level.

Read Article
Placeholder image

50 High Converting Content Ideas

Feeling writer's block? Try switching up the content and testing these high-converting ideas for your strategy.

Read Article
Chloe Spilotro photo

Chloe Spilotro

Marketing Manager, Zesty.io

Marketing Manager at Zesty.io. Hooked onto the platform since first using it through the Zesty.io Incubator Program at the University of San Diego. Passionate about all things marketing, IoT, and helping businesses leverage technology to grow and become major players in their industries.... Learn More

Exploring content solutions? Looking to replatform?

Speak with an Expert


Chat with Us

To speak with someone in sales and marketing, use the chat popup on this page. To speak with a developer, join https://chat.zesty.io