Monitoring and keeping our customer’s websites is key to what we do at Global River. We run a number of solutions to alert us to WordPress and WooCommerce updates across our customer base of almost 150 live Clients. We do this because we understand what happens if this is not done! Yes, we have been caught out in the past and understand all to well what can happen if you let even one website become out of date. Our experience over 10 years of helping and managing customers also includes rescuing plenty of websites that have been hacked. One thing we learnt during this process is that not all Website Hosting companies offer any kind of help when this happens. Indeed most of them will simply turn your website off to protect the rest of their websites on a shared hosting environment. Doing this would fall a million miles outside our excellent service promises, so we have had to develop a robust and layered approach to protecting our customer’s sites;
*We often detect hacks/potential hacks simply by seeing our servers behaving differently, before this is ever seen by any of our customers. Blocking attackers IP Addresses then protects us and our customers moving forward.
Bearing all of the above in mind, it was still a surprise to be informed by WooCommerce last week of a Serious Vulnerability;
We’re reaching out to let you know that a critical vulnerability was identified in WooCommerce (versions 3.3 to 5.5) and the WooCommerce Blocks feature plugin (versions 2.5 to 5.5).
For all of our customers our response was behind the scenes, applying the required updates. As with much of what we do, this simply meant that all sites ran as usual that day and are secure moving forward. If you are unsure as to whether your website is up to date and secure let us know and we would be happy to take a look.