WordPress Security Blog

What is regulatory compliance & how does it affect WordPress security?

In order to do business, your WordPress website and business have to adhere to rules and regulations. These rules and regulations may take the form of laws (such as GDPR or HIPAA). They may also be compliance requirements, such as PCI DSS or ISO 27001, and may vary from one country to the other. What […]

Website File Changes Monitor 1.2: New Scan Now button & improvements

Update 1.2 of the Website File Changes Monitor plugin for WordPress is available for download. In this update we have: Added a new Scan Now button to the main interface so you can launch instant file changes scans on your WordPress site with just a mouse click. Introduced a new setting to enable debug logging […]

How to manage your WordPress users

The more users your have on your WordPress website, the more difficult it is to manage them. The administrative efforts required usually include controlling access, restricting ‘site-breaking’ settings, stopping users from modifying specific content, and more. WordPress has user roles to let you set privileges and manage users. However, there are plenty of other ways […]

Our Account Of Hosting With Kinsta Managed WordPress Hosting

This website was previously hosted on Digital Ocean, Siteground and A2 Hosting. They are all great WordPress hosting providers and we never had problems with any of them. We even wrote an article / review on our experience with them. However, from time to time we like to change the web host. We do this […]

Website File Changes Monitor Update 1.1: Email Notifications & More

Today we are releasing update 1.1 of the Website File Changes Monitor plugin. This update is based on the important feedback we got from our users after launching this plugin a few weeks ago. The main highlight of this update are the instant file changes notifications via email. However there is much more to this […]

4 Reasons Password Policies Are Vital for WordPress Users

For every account you set up you should use a unique and difficult password. That’s a given, but you’d be surprised at how many people don’t give a second though to password security. This means that, in many cases, the safest approach is to not leave password safety up to your users. Instead, you can […]

Password Policies Manager Plugin Update 1.2 – Support For Custom Login Pages

Today we announce Password Policy Manager for WordPress update 1.2, the plugin that enables administrators to enforce strong WordPress passwords. The highlight of this update is a new hook that allows theme developers to include the password policies in custom pages. In this update we have also included a few minor improvements and enhancements. Support […]

What Is WordPress File Integrity Monitoring & Why Your WordPress Needs It?

Have you ever had to clean your WordPress website from a malware infection? Do you know how to find out which code was compromised? Do you know if your developers or agency left backup and leftover files on your website that can leave you exposed? This post explains how File integrity monitoring (FIM) helps you […]

Passwords Management Best Practices For WordPress Administrators

“Use a strong and different password for every online service, device, email account and website you have.” As an owner  or contributor to a few WordPress sites you are subscribed to an overwhelming number of online services and websites. And even though you agree with the above statement, it is very difficult for you to […]

Announcing The New Website File Changes Monitor Plugin for WordPress

We have been toying with the idea of developing a WordPress file integrity scanning and monitoring plugin for quite some time. However, we did not want to develop just another file scanning plugin. We wanted to develop a WordPress file scanning plugin that addresses the issues existing  ones have! So in January we went back […]