Articles from Robert Abela

About Robert Abela

Robert Abela is the CEO and founder of WP White Security, the developers of the most comprehensive WordPress activity log plugin WP Activity Log, and WPassword.

PPMWP 2.1.0: the new dormant users policy & support for post login redirects

WPassword 2.1 is out today! In this plugin update we added a new policy to disable dormant users, support for post login redirect plugins, and several other improvements. This post highlights all that is new and improved in the latest version of WPassword.

Using the Google Authenticator app for WordPress 2FA

When you manage a WordPress website, one of the most important aspects of security is authentication, a.k.a. how you login to your website. There are several ways how to harden the authentication to improve the defence in depth of your WordPress login mechanism. One of them is to implement two-factor authentication (2FA).

Strong WooCommerce passwords – enforcing policies without deterring customers

Keeping your eCommerce store secure is a must. Not only is it an important source of income for your business, but it also contains sensitive customer information, such as billing details and credit card numbers. Strong passwords can prevent many cyber attacks, but you’ll need a way to enforce them without deterring customers.

Using WPScan to find WordPress vulnerabilities on your website

WPScan is a black box WordPress Security Scanner written in Ruby. Ideal for penetration testers, security professionals and WordPress administrators WPScan can find security weaknesses within a WordPress blog or website.

WFCM 1.4.0: Improved file changes coverage for WordPress websites

These last few weeks we have been busy working on our file integrity monitor plugin for WordPress: Website File Changes Monitor. In this update we focused on improving the coverage of the plugin, so it can detect file changes which it didn’t before.

PPMWP 2.0.0: Multisite networks support & first time login password change

Today we are announcing WPassword 2.0! We are very excited about this release. Finally, WordPress multisite network administrators can also enforce strong password policies.

Choosing the right HTTPS certificate for your WordPress website

In our previous post WordPress HTTPS, SSL and TLS – a guide for website administrators, we explained what HTTPS and all the other technical terms are, and how it works. In this article, we discuss HTTPS certificates, the different ways you may acquire one for your WordPress website, and why you should or shouldn’t pay for one.

Interview with Ivica Delic on WordPress professionals & security

Ivica Delic has been working with WordPress since 2011 and has co-founded He has volunteered in the WordPress community and attended and presented at numerous WP Meetups about speeding up WordPress websites.

WFCM 1.3.0: UX improvements

Since this is only the third update of the Website File Changes Monitor plugin, we are still finding new ways how to improve the user experience (UX). Thankfully, we get a lot of valuable feedback from the plugin users on how we can make the plugin easier to use and better.

PPMWP 1.4.0: premium trials, advantageous pricing & plugin improvements

In September 2018 we released the first version of WPassword. The plugin has been a great success. It helps hundreds of administrators ensure their WordPress users use very strong passwords. Today we are announcing update 1.4 of the plugin. With this update we are allowing users to trial the plugin before they buy it, which […]

Our other plugins