WordPress botnet – 20,000 infected websites attacking other WordPress sites:

People who don't need WP features and just want to run a modern website/blog can use Hugo or other static site generators instead of spending hours to update, harden and configure WP.

Benefits: no PHP interpreter, no CMS, no databases, no login mechanisms, stricter security configuration.

@infosechandbook Also, if they want the CMS features of WordPress, they can also run WordPress on a unconnected server and use httrack or similar for producing the pages on the public server.

Sign in to participate in the conversation
Mastodon is a microblogging site that federates with most instances on the Fediverse.