WordPress Security Blog

WordPress HTTPS, SSL & TLS – A Guide For Website Administrators

When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen. However, HTTP traffic has a problem; it is a plaintext protocol. This makes it susceptible to snooping […]

Interview with Ivica Delic on WordPress professionals & security

So far we have only interviewed people who understand and work in application and WordPress security. We have always heard the vendors’ voice. However, in this interview we took a different approach. We interviewed Ivica Delic, a WordPress professional about security. The scope of this interview is to better understand how WordPress professionals, to whom […]

Website File Changes Monitor 1.3 – UX improvements

Since this is only the third update of the Website File Changes Monitor plugin, we are still finding new ways how to improve the user experience (UX). Thankfully, we get a lot of valuable feedback from the plugin users on how we can make the plugin easier to use and better. Let’s jump right in […]

How to Manually Deactivate WordPress Plugins

Plugins are a great aspect of using WordPress. However, at some point, you’ll need to uninstall or deactivate a plugin for one reason or another. This might present a problem, in that, the default method for deactivating WordPress plugins might not be always available. For example, to fix an issue where you lose access to […]

Password Policy Manager 1.4: premium trials, advantageous pricing & plugin improvements

In September 2018 we released the first version of the Password Policy Manager plugin for WordPress. The plugin has been a great success. It helps hundreds of administrators ensure their WordPress users use very strong passwords. Today we are announcing update 1.4 of the plugin. With this update we are allowing users to trial the […]

Prevention is the way to go when it comes to WordPress security

A common misconception is that malicious hackers only target websites with large income, or those that store valuable sensitive information. However, WordPress websites generally get a lot of unwanted attention, which is why it’s important to take preventive measures from the get-go. The good news is that (on top of basic measures such as having […]

What is regulatory compliance & how does it affect WordPress security?

In order to do business, your WordPress website and business have to adhere to rules and regulations. These rules and regulations may take the form of laws (such as GDPR or HIPAA). They may also be compliance requirements, such as PCI DSS or ISO 27001, and may vary from one country to the other. What […]

Website File Changes Monitor 1.2: New Scan Now button & improvements

Update 1.2 of the Website File Changes Monitor plugin for WordPress is available for download. In this update we have: Added a new Scan Now button to the main interface so you can launch instant file changes scans on your WordPress site with just a mouse click. Introduced a new setting to enable debug logging […]

How to manage your WordPress users

The more users your have on your WordPress website, the more difficult it is to manage them. The administrative efforts required usually include controlling access, restricting ‘site-breaking’ settings, stopping users from modifying specific content, and more. WordPress has user roles to let you set privileges and manage users. However, there are plenty of other ways […]

Our Account Of Hosting With Kinsta Managed WordPress Hosting

This website was previously hosted on Digital Ocean, Siteground and A2 Hosting. They are all great WordPress hosting providers and we never had problems with any of them. We even wrote an article / review on our experience with them. However, from time to time we like to change the web host. We do this […]