‘Wiches Cauldron web site woes shows importance of WordPress security

Google Search shows remnants of hack to ‘Wiches Cauldron website. (via Google Search)
Google Search still shows remnants of hack to the ‘Wiches Cauldron website. (via Google Search)


‘Wiches Cauldron co-owner Craig Beaudry was about to do some food preparation when a regular customer contacted him about a problem with the food trailer’s website last week.

“I think your website has been hacked,” Beaudry said he was told. “To which we were like ‘yeah, yeah, whatever.'”

“And then we went and checked it out, only to find out that it was very, very hacked.”

According to VICE News and the Ottawa Citizen, pro-ISIS messages replaced the website’s usual quirky, food-focused image.

Beaudry said his immediate reaction was “shock and awe” and a lot of shifting wide eyes from the screen to his wife Monique, the other owner.

Despite what happened, Beaudry said the only problem is that they won’t be able to update their online menu, which changes from week to week, until the website is restored.

“It was just an inconvenience more than anything else,” he said.

The website is still offline as of Thursday morning.

Monique Haugen and Craig Beaudry from Wiches Cauldron. Photo by Jordan Mady.
Monique Haugen and Craig Beaudry from Wiches Cauldron. Photo by Jordan Mady.


Local website developer Jonathan Ball said things like this tend to be fairly arbitrary.

“It’s not some guy sitting in the dark saying ‘I’m going to hack into that food truck’s website’,” he said.

According to Ball, this particular hack was most likely conducted at random using software designed to sift through thousands of I.P. addresses, looking for unsecure websites. “Unsecure” can mean using a simple password, a basic website server package or a dated version of a website back-end like WordPress.

Ball, the owner of DiskDaddy, a website and software design company based in Stittsville, had his own website hacked in a similar way earlier this year.

“We recovered in two or three hours. We had all of our back-ups,” he said.

The programmer said there are numerous things that can be done to protect local business websites from hacks. These range from plug-in software that saves back-up versions of a website which can be almost immediately restored, to tools that can block certain activity.

He also stresses the importance of maintaining security mechanics after starting a website.

“Just recovering from a stale website, stale plug-ins and stale versions of WordPress is much more of a headache than to just maintain that along the way,” Ball said.


Beaudry acknowledges that it wasn’t personal and jokes about the positive impact it had on his business.

“I’ve had people come here just to talk to me about it,” Beaudry said. “I couldn’t afford that kind of publicity.”


2 thoughts on “‘Wiches Cauldron web site woes shows importance of WordPress security”

  1. maintenance and appyling security patches is the key. Most hacks are older, known security flaws and are easily preventable.

Leave a Reply