Category: WordPress Security

WordPress security survey results 2022

We recently ran a survey to get a better understanding of the state of WordPress security. The survey was open to everyone and included several WordPress security-related questions. This report details our findings.

WordPress Password Protection – A Complete Guide

What are the best methods of WordPress password protection for website administrators? This blog post examines the top password security options, such as strong password policies, password managers, two-factor authentication, educating users, and the use of other, wider safeguards.

The different types of CAPTCHA checks for WordPress websites

Since CAPTCHA was first introduced, it has undergone various iterations and evolutions. With each step, the aim always has been to make it easier for humans and more challenging for non-humans to pass the test.

What is the difference between CAPTCHA, ReCAPTCHA, and NoCAPTCHA?

If you’ve been thinking about adding CAPTCHA to your WordPress website (or have recently installed our amazing CAPTCHA 4WP plugin), you’ll undoubtedly have come across the many different versions and iterations of the word CAPTCHA.

Configuring HTTP security headers on WordPress

Most modern browsers support a variety of HTTP security headers to improve the security of your WordPress website, better protect your visitors from classes of browser attacks such as clickjacking, cross-site scripting, and other common attacks, and even improve your site’s visitors’ privacy online.

What is CAPTCHA?

In this article, we will be going on a CAPTCHA exploration journey, starting at its inception, all the way through the various iterations it went through to become what it is today. We will also be looking at how WordPress websites can leverage what CAPTCHA has to offer to increase WordPress security, reliability, and reputation.

What to take away from GoDaddy’s hack of November 2021

On the 6th of September 2021, as-of-yet unknown actors breached and gained access to data of 1,200,000 GoDaddy customers. GoDaddy noticed the breach on November the 17th, some 36 days later. The breach was reported to the SEC some five days later and 41 days after the fact.

How to block failed login attempts on WordPress

This article explains why many WordPress websites have a lot of failed login attempts. It also explains what you can do to protect your WordPress website from failed login attacks.

Applying the principle of least privilege for improved WordPress security

Even though the principle of least privileges is very popular in the IT security industry, many WordPress users still do not apply this principle because “things do not work out of the box”. Though by applying it you can improve the security of your WordPress blogs and websites.

WordPress PCI compliance for e-commerce & business sites

If you have an e-commerce or business WordPress site, most probably you’ve already heard of PCI DSS and PCI compliance. As an online merchant / seller your WordPress website has to be compliant to the PCI DSS regulations, otherwise you risk being fined. Even if you use a third party payment gateway such as PayPal or Stripe, there are still some regulatory requirements your website has to adhere to.

Our other plugins