Read this article for a detailed list of all the other software components that make up a WordPress website. By knowing what your WordPress website is made of, and on which platform it is running you will be able to take a more holistic approach to WordPress security.
This post explains why you should know who is logged in to your WordPress websites and blogs and how you can do it.
This article gives an overview of the four main WordPress security principles highlighted in the WordPress security wheel. By adhering to these principles, WordPress website owners can improve the security of their websites, thus ensuring they are not vulnerable to malicious WordPress hack attacks.
Robert Abela, the founder of WP White Security and WordPress’ most popular audit trail and user monitoring plugin WP Security Audit Log was featured in WordPress Business Success e-book, in which 14 other WordPress business owners were interviewed.
This WordPress security glossary includes a list of terms and keywords that are typically used in WordPress security documents. The scope of such document is to help you understand the WordPress security lingo.
First things first, do not panic. This article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step by step format; identifying the source of the hack, identifying the infection, cleaning the code, regaining control of your WordPress website or blog and removing the… Read More
Once you clean up the malware infection from your hacked WordPress website or blog you have to apply for a Google malware review to have the Google malware warning removed. Read this post for more information on how to apply for a Google malware review.
The infrastructure of the WordPress REST API will be included in the core of WordPress version 4.4. The release of WordPress version 4.5 will also include a number of endpoints for the REST API. The addition of this new functionality in WordPress core has raised a few eyebrows. Many are already concerned and as usual, WordPress security is the… Read More
There are several benefits to keeping a record of everything that is happening on your website in a WordPress audit log. As seen in this example, you can configure email alert so you are alerted of any suspicious user behaviour at an early stage, allowing you to thwart any possible hacker attacks before any damage is done on your WordPress website and multisite network.
By default it is very easy to guess a WordPress username. Is this WordPress username disclosure a vulnerability or not? Many software vendors such as Microsoft and Cisco had similar issues in the past and they fixed it. Yet in the WordPress ecosystem this is not considered as a vulnerability.