Recently Wordfence (in my opinion the best WordPress security and firewall plugin) released an article about securing your home router. The article can be found here.
Apparently, a fairly large percentage (6.7%) of attacks on WordPress sites are caused by hacked home routers! According to the linked article, in the last month alone Wordfence detected 57,000 of these attacks from home routers to WordPress sites. Clearly, that’s 57,000 too many.
Not only that, the hackers can do other damage by accessing your router – like messing with wifi devices like webcams and mobile phones; and even screwing up climate and sprinkler controllers. Imagine what could happen if wifi controlled door locks were disabled, or your fridge suddenly ordered a couple sides of beef.
(I just thought of this – Alexa might be vulnerable too. Wow, that could be dangerous 😯 )
If you’re like me, you probably assumed your router and wireless connection were automatically secure. After all, how could your ISP allow something like that to happen?
The vulnerability is called the “misfortune cookie”, and it exists because of a service the ISP uses to monitor your home router via port 7547. Unfortunately, half of the ISP’s Wordfence analyzed have not closed down the port 7547 weakness.
Fortunately for all of us, Wordfence has a scanner on the page I linked. It just takes a couple seconds to run (after all, it’s just checking a single port on your router), and produces results immediately. I ran it, and fortunately my result was “Your router is safe”. Yay.
If you run the scan and find your router is “not safe”, or if your safe but the port is open, the article provides a number of steps you can take to “fix” the problem. The solutions range from rebooting your router to contacting (bugging) your ISP to get the issue resolved.
Finally, let your friends and associates know about the 7547 open port issue. You can do this by sharing this post or sharing the post I linked at the top of the article.
Until next time…
Related articles
Here’s a free way to protect your information that only takes 10 minutes to set up(businessinsider.com)
What to know when choosing between router and mesh networking(windowscentral.com)
Exploit revealed for remote root access vulnerability affecting many router models(helpnetsecurity.com)