WordPress Security Blog

WordPress file permissions: the guide to configuring secure website & web server permissions

WordPress can pretty much run on any operating system that runs PHP. However, the vast majority of WordPress websites run on Linux. Therefore it is important that you understand Linux file permissions. It is crucial to get file permissions right. Setting incorrect file permissions can open your website up for attack. Incorrect file permissions can […]

WFCM 1.6: full integration with WP Activity Log

Today we are announcing two releases; Website File Changes Monitor 1.6 and  WP Activity Log 4.1.2. They are being released together because we have integrated the plugins. Let’s dive right in and see what this integration is all about, and what are the benefits to both plugins’ users. Superior file integrity monitoring scans and better […]

The WordPress security process; Test, Harden, Monitor, Improve

WordPress security is not unlike many other areas of IT security. It’s not a one time fix. It is something that is never actually finished. Whilst there are several steps you can take to improve your WordPress security, your site and business requirements will change. So adopting a point-in-time security assessment will only give you […]

WP 2FA 1.3: 2FA setup website page & improved 2FA policies

The most highly requested WP 2FA feature we are asked for is to allow users to setup two-factor authentication from a website page. In eCommerce stores and membership / subscription websites users only have access to custom user profile pages, so it was not possible for them to setup 2FA. With this update of our […]

Secure your WordPress login with these easy-to-use plugins

When it comes to managing your WordPress site, keeping your login secure and working well should be of top priority. Whether you operate an eCommerce store, or a membership site, making sure that your users utilize a strong username and password combination is essential to securing your website against outside threats and hacking attempts. And […]

WordPress Two-Factor Authentication (2FA): what is it & using it on your site

The security of your WordPress website depends on the systems you put in place to protect it and harden its security. With the sharp increase of automated password guessing, your users’ sensitive information and access to your site are more at risk than ever. This is why it’s so important to protect your WordPress site […]

WP 2FA 1.2: Multisite networks support, configurable email notifications templates & other updates

Today we are excited to release WP 2FA update 1.2. In just a month, our easy-to-use two-factor authentication (2FA) plugin has been downloaded more than 1,000 times. It received very good reception, and many of you sent us feedback. Thank you for that. The highlights of this update are support for WordPress multisite network, configurable […]

How to make your WordPress website CCPA compliant

After the introduction of GDPR back in 2018, there’s now another law that’s set to further effect WordPress webmasters in their bid to remain compliant with local data privacy regulations. Its name? The California Consumer Protection Act (or CCPA for short). This new piece of legislation is designed to provide Californians with enhanced protection with regard to […]

PPMWP 2.2: Out of the box support for custom login pages & other updates

Today we are releasing Password Policy Manager 2.2. The highlights of this update are the out of the box support for custom login pages and the plugin translations. We have also included a number of updates and fixed a number of issues in this update. These release notes highlight what is new, improved and fixed […]

WFCM 1.5: Hourly file integrity scans & other plugin improvements

In this update of the Website File Changes Monitor plugin we focused on further improving the file scanning technology. The results speak for themselves; faster scans that requires less resources. Here, you can read in more details what is new and improved in update 1.5 of our file integrity monitor WordPress plugin. Hourly file integrity […]