WordPress Security Blog

WFCM 1.8.0: Background file integrity scanning and improved scalability

Today, we are happy to announce update 1.8.0 of the Website File Changes Monitor plugin for WordPress. Prior to this update, the plugin had some issues with the scan timing and resources required to run the scans. This update introduces a completely revamped version of the plugin allowing for better reliability, performance and scalability. Below […]

PCI compliance and WooCommerce – All you need to know

Whether you’re building, maintaining, or operating an eCommerce website, you need to be aware of your security responsibilities. Luckily, there are standards and regulations that can help you keep online stores, such as those built with WooCommerce, safe and secure. The most notable among these is the Payment Card Industry Data Security Standard (PCI-DSS). Do […]

Top 10 WordPress website maintenance tips

A newly installed WordPress site feels so good. No speed issues, no plugin conflict, no errors, no problems at all. You are exhilarated, and you can’t wait to see thousands of readers on your website every week. Few months down the line, your seemingly perfect site begins to struggle. Speed might become a problem, some […]

WordPress email deliverability and how to improve it

Email is arguably the most common electronic communication medium on Earth. It’s used for everything, from communication to alert notifications, to password reset flows and email-based Two-factor Authentication (2FA). As a website owner sending email from your WordPress site, there are a few issues you’ll likely encounter. If you simply try and install a plugin […]

WP 2FA 1.6.0: New users’ 2FA status column & customizable redirects after 2FA setup

It has been almost four months since we released the last update of the WP 2FA plugin. So naturally, today we are very excited to announce WP 2FA 1.6.0. Since the plugin is now used by more than 15,000 users, we are getting a lot of useful feedback. Because of the feedback, this update comes […]

Handling WordPress failed login attempts on your site

This article explains why many WordPress websites have a lot of failed login attempts. It also explains what you can do to protect your WordPress website from failed login attacks.

PPMWP 2.4.0: New feature to block users with failed login attempts & other updates

Today we are happy to announce Password Policy Manager update 2.4.0. This exciting release features the much anticipated new feature to block users which have failed login attempts as well as other updates and improvements. Let’s dive right in to see what is new and improved in this latest update of our Password Policy Manager […]

What is the best way to backup a WordPress website?

If you’re asking what is the best way to backup a WordPress website, then you’ve made a good start. That means you know backing up your WordPress website or blog is necessary. You just want to know which option works best for you. We’re here to help you answer the question. In this blog post, […]

Can your WordPress website users damage your business?

Can your employees be a threat? Yes, quite possibly, but in the main unwittingly. I wrote recently on the statistics which highlight the biggest source of WordPress vulnerabilities. However, another sizeable constituent part of your infrastructure is equally vulnerable, if not more so, and which we all too often overlook – our users – who […]

Join us for free at the biggest online summit in the WordPress space

This past year has been a rollercoaster of emotions for many of us. Some were thriving while others were barely surviving. One takeaway we can be proud of as a community is how most of us had to be even more creative than usual to get through 2020… With long hours, a lot of stress […]

Our other plugins