Is Responsible Disclosure of Vulnerabilities Ethical?

There have been a number of cases where even though researchers followed the rules of responsible disclosure when publishing an advisory, millions of WordPress websites were still put at risk of being hacked. This article explains why responsible disclosure is not enough and why everyone should be more ethical about disclosing details about identified vulnerabilities.

Principle of Least Privileges and WordPress Security

Even though the principle of least privileges is very popular in the IT security industry, many WordPress users still do not apply this principle because “things do not work out of the box”. Though by applying it you can improve the security of your WordPress blogs and websites.

All You Need to Know About WordPress Website Firewalls (a.k.a. Web Application Firewalls)

A WordPress website firewall (also known as a Web Application Firewall) helps you protect your WordPress websites and blogs from malicious hacker attacks, though it is not a bullet broof solution. This article explains how they work and discusses their pros and cons.

WordPress Security Bloggers – Central Source for WordPress Security News and Updates

WP Security Bloggers is a WordPress security news central. The website pulls WordPress security news and updates from a number of prominent WordPress security blogs, websites and various other security sources.

Statistics Highlight the Biggest Source of WordPress Vulnerabilities

WordPress vulnerabilities statistics show that the main source of WordPress vulnerabilities are in WordPress plugins. These vulnerabilities statistics also show how important it is to always run the latest version of WordPress core, plugins and themes.

Is WordPress More Secure with a Changed Database Prefix?

A popular WordPress hack to improve WordPress security is to rename the WordPress database prefix. Does this really improve the security of WordPress? Read this article to find out how by changing the WordPress database prefix you can contain attacks even when your WordPress or any other component on it is vulnerable to SQL Injection.

Understanding the WordPress Security Plugins Ecosystem

There are many WordPress security plugins available but not all of them have the same scope. Hence before being deciding which plugin to install, users should first understand what type of plugins there are available to be able to determine which plugins will help them meet the WordPress security requirements, and ensure that every aspect of the WordPress security ecosystem is addressed.

Hide WordPress Usernames to Improve WordPress Security

A WordPress security tutorial that explains how and why you should hide your WordPress usernames to improve the security of your WordPress blogs and websites.

Is WordPress Secure?

In the last few weeks the WordPress community started questioning the state of security of WordPress again because a number of vulnerabilities have been discovered both in WordPress and a number of popular WordPress plugins. This article explains how even though there are so many vulnerabilities being discovered, WordPress per se is a very secure software.

What are Targeted and Non-Targeted WordPress Hack Attacks

There are various types of WordPress hack attacks and most of them can be classified under two categories; Targeted and Non-Targeted WordPress hack attacks. This security articles explains what each type of attack is, how it works and how to protect your WordPress sites and blogs from these malicious WordPress hack attacks.

Get Notified Instantly of Changes on Your WordPress

The WSAL Notifications Extension plugin enables WordPress administrators to setup monitoring rules so they are notified instantly via email when important changes happen on their WordPress.

Learn More