WordPress Security Blog

A new chapter for WP 2FA

Since its inception, WP 2FA has evolved to become one of the top WordPress 2FA plugins – thanks to the hard work of the team and our customers who have shown faith in us and our products and provided us with invaluable feedback. WordPress security continues to become an increasingly hot topic, more so as […]

How to access WordPress Files

WordPress files and folders are the heart and soul of WordPress. Here you’ll find everything from the core code of WordPress to plugin and theme files, media, and everything in between. While you might need to access these files on a daily basis, knowing how to access and navigate the file hierarchy can come in […]

What to take away from GoDaddy’s hack of November 2021

On the 6th of September 2021, as-of-yet unknown actors breached and gained access to data of 1,200,000 GoDaddy customers. GoDaddy noticed the breach on November the 17th, some 36 days later. The breach was reported to the SEC some five days later and 41 days after the fact. While investigations are still ongoing, we do […]

How many WordPress plugins can I install?

Many things make WordPress great. Firstly, it’s free. This fact alone has allowed countless people to set up their own websites, contributing to the mass democratization of information that we enjoy today. Secondly, it is open-source – allowing hobbyists and professionals alike to hack away, change, and optimize whatever they want. Completing the trifecta of […]

Call for beta testers

Quality and dependability are two tenets on which all of our plugins are built. We work to achieve this day in day out through a rigorous development process that also involves considerable testing by our internal team. This enables us to ensure we only release any new update or plugin once we are confident that […]

Password Policy Manager for WordPress is now WPassword

Everything must evolve, or it risks being relegated to the history books. At WP White Security, we are firm believers in the philosophy of kaizen and always seek to develop our plugins for the better. We do this through customer feedback and an understanding of market trends and demands. These two tenets help us ensure […]

Understanding the risks of login sharing on WordPress

While it’s a big security no-no, login sharing on WordPress happens more often than one might think. As the term suggests, login sharing is the practice of users sharing their login information with other users. In a recent survey, a whopping 49% of users admitted to sharing their business login details, with younger users (16-24 […]

How to block failed login attempts on WordPress

This article explains why many WordPress websites have a lot of failed login attempts. It also explains what you can do to protect your WordPress website from failed login attacks.

Sixteen security tips for WordPress plugins & themes developers

One can never be too careful! A big part of our job as developers is to make sure the sites and plugins, we are building are secure. Businesses need faster solutions with increasingly complex functionality. While this is good progress, building complex projects also demands a proper security setup. WordPress security is one of the […]

Integrating password policies in WooCommerce account forms

Ensuring your team and also customers use strong passwords is one of the most effective tools in keeping your WordPress website, sensitive customer information and WooCommerce store secure. With WooCommerce typically having more public-facing login pages, this becomes orders of magnitude more important to maintain a secure environment. So, how can you be certain that […]

Our other plugins