Bad News – Jetpack plugin might be making your wordpress website liable to vulnerability. Continue reading to find out how
Jetpack is an amazing power packed plugin. It combines several features into one which includes but not limited to Social Sharing, Security, Speed, Downtime Monitoring, and more. There is an article on NSB which talks about how to use Jetpack to monitor your website downtown here, you might want to check it out.
However despite the fact that this plugin has a blazing super features; i had no choice than to deactivate it for now due to the security purposes.
How It All Started
As the WordPress Technician for his site; it is my job to find out what caused the issue and as well as find a way to resolve the bug.
How To Setup A Self-Hosted WordPress Website From Scratch [Beginners Guide]
Initially the site was designed with a very light theme which makes it load in few seconds. But after the issue of the bug, it took a longer period of minutes before the website loads.
And much more worse – the website UX was totally in great confusion. The LIVE wordpress website was in a great disorder – a complete mayhem.
Noticing the scenario; i brought out some of my WordPress tools and began troubleshooting the bug. After different diagnosis; i later discovered the bug to come from Jetpack Plugin.
I confirmed the bug to come from Jetpack plugin after experimenting with another site only to find out that when Jetpack plugin is activated on the site; the site went mayhem. But when the Jetpack plugin is deactivated; everything went back to normal.
Jetpack WordPress Plugin Vulnerability Cases
This actually not the first reported case. Some other cases are found in the sources below;
Jetpack Plugin Vulnerability places Million WordPress Websites at Risk [Webtitan 2016]
Hijacked WordPress.com Accounts Used To Infact Sites Through Jetpack [Wordfence 2018]
JetPack WordPress Plugin Vulnerability – Is Your Site Secure? [NetSocialBlog 2019]
Should You Use Jetpack or NOT Use Jetpack?
I wouldn’t give a direct YES or NO Answer to this yet.
YES- Why Should You Use Jetpack?
The answer is simple; ⇒ Jetpack is a popular plugin which has lots of amazing features. Like the auto sharing and website downtime monitoring.
Their features is so huge that as a matter of fact; it is recommended as one of the Top Plugins To Install On Your WordPress Website on First Installation.
Strong Team + Customer Support –
More importantly; Jetpack has a strong company behind it [Automattic] which comprises of hard-working team members who are constantly working on improving the security and stability of the plugin.
So if you had any issues with the performance; you can always get feedback.
NO – Why You Should NOT Use Jetpack
The answer is pretty simple – Security!!
Security is very important and no-one would be willing to trade their website security for anything. That is why most WordPress website owners hired security expert to manage their site technical for them.
If you’re not using much of Jetpack features; then you can deactivate it and sought for alternatives like the Twitter Feed Widgets Here.
A Word of Advice For WordPress Website Owners
If you are using a WordPress website; you have to be extra careful with how you manage your site. Ensure you use a very good hosting provider, be wary of the plugins you use, backup frequently and monitor your website unusually activity.
While there are several ways to manage your website security; you can simply make use of these 6 Simple Non-Fail Ways To Secure your WordPress Website.
If you can’t go through all the hassle; then hire someone else to monitor your website security.