Articles from Robert Abela

About Robert Abela

Robert Abela is the CEO and founder of WP White Security, the developers of the most comprehensive WordPress activity log plugin WP Activity Log, and the Password Policy Manager for WordPress plugin.

WordPress Two-Factor Authentication (2FA): what is it & using it on your site

The security of your WordPress website depends on the systems you put in place to protect it and harden its security. With the sharp increase of automated password guessing, your users’ sensitive information and access to your site are more at risk than ever. This is why it’s so important to protect your WordPress site […]

WP 2FA 1.2: Multisite networks support, configurable email notifications templates & other updates

Today we are excited to release WP 2FA update 1.2. In just a month, our easy-to-use two-factor authentication (2FA) plugin has been downloaded more than 1,000 times. It received very good reception, and many of you sent us feedback. Thank you for that. The highlights of this update are support for WordPress multisite network, configurable […]

PPMWP 2.2: Out of the box support for custom login pages & other updates

Today we are releasing Password Policy Manager 2.2. The highlights of this update are the out of the box support for custom login pages and the plugin translations. We have also included a number of updates and fixed a number of issues in this update. These release notes highlight what is new, improved and fixed […]

WFCM 1.5: Hourly file integrity scans & other plugin improvements

In this update of the Website File Changes Monitor plugin we focused on further improving the file scanning technology. The results speak for themselves; faster scans that requires less resources. Here, you can read in more details what is new and improved in update 1.5 of our file integrity monitor WordPress plugin. Hourly file integrity […]

Say hello to WP 2FA – a new free WordPress two-factor authentication plugin

An administrator should be able to add two-factor authentication (2FA) to a WordPress site easily within minutes. The admin should also be able to configure policies to make 2FA compulsory, and users should be able setup 2FA without requiring any training or technical knowledge. We started developing WP 2FA with that in mind: develop an […]

Should maintained plugins be suspended from the WordPress repository when there is a security issue?

On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Activity Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”. We submitted a fix on Friday, 28th February 2020, at 4:08PM. It only took us 16.5 hours to release the fix. We would have […]

PPMWP 2.1: the new dormant users policy & support for post login redirects

Password Policy Manager for WordPress 2.1 is out today! In this plugin update we added a new policy to disable dormant users, support for post login redirect plugins, and several other improvements. This post highlights all that is new and improved in the latest version of Password Policy Manager for WordPress. The dormant WordPress users […]

Using the Google Authenticator app for WordPress 2FA

Whenever you implement a security measure, you should also have some sort of fallback. You do not want to be compromised by the failure of a single component. This is known as defense in depth. When you manage a WordPress website, one of the most important aspects of security is authentication, a.k.a. how you login […]

How to eliminate false positives in file integrity monitoring on WordPress

File integrity monitoring (FIM) allows you to quickly detect file changes on your WordPress site. It is an important part of securing a WordPress site and the way it works is very simple: it compares baseline cryptographic hashes to the current hash of the monitored files. When a change happens, you get an alert. However, […]

Strong WooCommerce passwords – enforcing policies without deterring customers

Keeping your eCommerce store secure is a must. Not only is it an important source of income for your business, but it also contains sensitive customer information, such as billing details and credit card numbers. Strong passwords can prevent many cyber attacks, but you’ll need a way to enforce them without deterring customers. By creating […]