WordPress Security Blog

WP 2FA 1.4: Support for Authy, FreeOTP, and other 2FA apps

Many have chosen to use our WP 2FA plugin because you do not have to be a developer or a security ninja to enable and require 2FA on your website. Our two-factor authentication plugin is dead easy to use. Today, we are taking it a step further; we are releasing an update in which we […]

PPMWP 2.3: Inactive users check, policies & performance updates

Today we are announcing Password Policy Manager update 2.3.0. This is an exciting release featuring the all new inactive WordPress users check. In it we also included a good number of other password policies improvements and performance updates. Let’s dive right in to see what is new and improved in this latest update of our […]

WordPress file permissions: the guide to configuring secure website & web server permissions

WordPress can pretty much run on any operating system that runs PHP. However, the vast majority of WordPress websites run on Linux. Therefore it is important that you understand Linux file permissions. It is crucial to get file permissions right. Setting incorrect file permissions can open your website up for attack. Incorrect file permissions can […]

WFCM 1.6: full integration with WP Activity Log

Today we are announcing two releases; Website File Changes Monitor 1.6 and  WP Activity Log 4.1.2. They are being released together because we have integrated the plugins. Let’s dive right in and see what this integration is all about, and what are the benefits to both plugins’ users. Superior file integrity monitoring scans and better […]

The WordPress security process; Test, Harden, Monitor, Improve

WordPress security is not unlike many other areas of IT security. It’s not a one time fix. It is something that is never actually finished. Whilst there are several steps you can take to improve your WordPress security, your site and business requirements will change. So adopting a point-in-time security assessment will only give you […]

WP 2FA 1.3: 2FA setup website page & improved 2FA policies

The most highly requested WP 2FA feature we are asked for is to allow users to setup two-factor authentication from a website page. In eCommerce stores and membership / subscription websites users only have access to custom user profile pages, so it was not possible for them to setup 2FA. With this update of our […]

Secure your WordPress login with these easy-to-use plugins

When it comes to managing your WordPress site, keeping your login secure and working well should be of top priority. Whether you operate an eCommerce store, or a membership site, making sure that your users utilize a strong username and password combination is essential to securing your website against outside threats and hacking attempts. And […]

WordPress Two-Factor Authentication (2FA): what is it & using it on your site

The security of your WordPress website depends on the systems you put in place to protect it and harden its security. With the sharp increase of automated password guessing, your users’ sensitive information and access to your site are more at risk than ever. This is why it’s so important to protect your WordPress site […]

WP 2FA 1.2: Multisite networks support, configurable email notifications templates & other updates

Today we are excited to release WP 2FA update 1.2. In just a month, our easy-to-use two-factor authentication (2FA) plugin has been downloaded more than 1,000 times. It received very good reception, and many of you sent us feedback. Thank you for that. The highlights of this update are support for WordPress multisite network, configurable […]

How to make your WordPress website CCPA compliant

After the introduction of GDPR back in 2018, there’s now another law that’s set to further effect WordPress webmasters in their bid to remain compliant with local data privacy regulations. Its name? The California Consumer Protection Act (or CCPA for short). This new piece of legislation is designed to provide Californians with enhanced protection with regard to […]