WordPress Security Blog

Handling WordPress failed login attempts on your site

This article explains why many WordPress websites have a lot of failed login attempts. It also explains what you can do to protect your WordPress website from failed login attacks.

PPMWP 2.4.0: New feature to block users with failed login attempts & other updates

Today we are happy to announce Password Policy Manager update 2.4.0. This exciting release features the much anticipated new feature to block users which have failed login attempts as well as other updates and improvements. Let’s dive right in to see what is new and improved in this latest update of our Password Policy Manager […]

What is the best way to backup a WordPress website?

If you’re asking what is the best way to backup a WordPress website, then you’ve made a good start. That means you know backing up your WordPress website or blog is necessary. You just want to know which option works best for you. We’re here to help you answer the question. In this blog post, […]

Can your WordPress website users damage your business?

Can your employees be a threat? Yes, quite possibly, but in the main unwittingly. I wrote recently on the statistics which highlight the biggest source of WordPress vulnerabilities. However, another sizeable constituent part of your infrastructure is equally vulnerable, if not more so, and which we all too often overlook – our users – who […]

Join us for free at the biggest online summit in the WordPress space

This past year has been a rollercoaster of emotions for many of us. Some were thriving while others were barely surviving. One takeaway we can be proud of as a community is how most of us had to be even more creative than usual to get through 2020… With long hours, a lot of stress […]

How to manually backup your WordPress website without a plugin

It’s important to understand the most fundamental WordPress tasks when running your site. Security, of course, should be one of your primary considerations. Creating a manual WordPress backup should also be in your toolbox. You should use a dedicated backup plugin or online service to automatically back up your website. However, by knowing how to […]

How to clean a hacked WordPress website or blog

Whether your WordPress website has been hacked and you’re currently in damage control, or whether you’re preparing for the worst, this article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step-by-step format to help you accomplish the following: Gain back control of […]

How to choose the best WordPress web hosting provider

You’re searching the web for information on how to choose the best WordPress web hosting service, right? You’re determined that your website host will help search engines prioritize your website above other slower, less reliable and less secure websites. But, how do you decide? This blog post defines the four main types of WordPress web […]

WordPress HTTPS, SSL & TLS – a guide for website administrators

When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen. However, HTTP traffic has a problem; it is a plaintext protocol. This makes it susceptible to snooping […]

WordPress security & hardening, the definitive guide

WordPress is massively popular. Around every one in five sites on the Internet uses WordPress in some form. Be that to run a humble blog, or a multi-site Content Management System (CMS) or e-commerce site. As a result, it is no surprise that WordPress websites are a very popular target for both experienced hackers and […]

Our other plugins