Category: WordPress Security Tutorials & Tips

Why your WordPress e-commerce solution has to be secure (and how to do it)

There’s plenty you need to do to ensure your e-commerce store offers the best possible User Experience (UX). This means keeping WordPress and all other software up-to-date, optimizing your store, and of course, ensuring it’s safe to use and secure. By safe to use, we mean making your best to protecting your customer’s data. Also […]

Setting up 2FA on WordPress with the Google Authenticator app

Whenever you implement a security measure, you should also have some sort of fallback. You do not want to be compromised by the failure of a single component. This is known as defense in depth. When you manage a WordPress website, one of the most important aspects of security is authentication, a.k.a. how you login […]

How to eliminate false positives in file integrity monitoring on WordPress

File integrity monitoring (FIM) allows you to quickly detect file changes on your WordPress site. It is an important part of securing a WordPress site and the way it works is very simple: it compares baseline cryptographic hashes to the current hash of the monitored files. When a change happens, you get an alert. However, […]

Choosing the right HTTPS certificate for your WordPress website

In our previous post WordPress HTTPS, SSL and TLS – a guide for website administrators, we explained what HTTPS and all the other technical terms are, and how it works. In this article, we discuss HTTPS certificates, the different ways you may acquire one for your WordPress website, and why you should or shouldn’t pay […]

WordPress HTTPS, SSL & TLS – A Guide For Website Administrators

When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen. However, HTTP traffic has a problem; it is a plaintext protocol. This makes it susceptible to snooping […]

Prevention is the way to go when it comes to WordPress security

A common misconception is that malicious hackers only target websites with large income, or those that store valuable sensitive information. However, WordPress websites generally get a lot of unwanted attention, which is why it’s important to take preventive measures from the get-go. The good news is that (on top of basic measures such as having […]

4 Reasons Password Policies Are Vital for WordPress Users

For every account you set up you should use a unique and difficult password. That’s a given, but you’d be surprised at how many people don’t give a second though to password security. This means that, in many cases, the safest approach is to not leave password safety up to your users. Instead, you can […]

What Is WordPress File Integrity Monitoring & Why Your WordPress Needs It?

Have you ever had to clean your WordPress website from a malware infection? Do you know how to find out which code was compromised? Do you know if your developers or agency left backup and leftover files on your website that can leave you exposed? This post explains how File integrity monitoring (FIM) helps you […]

Passwords Management Best Practices For WordPress Administrators

“Use a strong and different password for every online service, device, email account and website you have.” As an owner  or contributor to a few WordPress sites you are subscribed to an overwhelming number of online services and websites. And even though you agree with the above statement, it is very difficult for you to […]

The Security Precautions One Should Take When Migrating A CMS

A content management system (CMS) is a tool that helps you and businesses create, manage, distribute and publish digital content on a website. It is basically a web application which can be used by both developers and non-technical people, like WordPress. There are plenty of CMS solutions you can choose from. Each one of them […]