Category: WordPress Security

Strong WooCommerce passwords – enforcing policies without deterring customers

Keeping your eCommerce store secure is a must. Not only is it an important source of income for your business, but it also contains sensitive customer information, such as billing details and credit card numbers. Strong passwords can prevent many cyber attacks, but you’ll need a way to enforce them without deterring customers. By creating […]

Using WPScan to find WordPress vulnerabilities on your website

WPScan is a black box WordPress Security Scanner written in Ruby. Ideal for penetration testers, security professionals and WordPress administrators WPScan can find security weaknesses within a WordPress blog or website.

Why you need both Two-factor Authentication & strong passwords on WordPress sites

Two-factor authentication (2FA) is an important part of maintaining the security of a WordPress site. However, 2FA alone isn’t enough to harden your WordPress site authentication. Strong passwords are also an important part, even when using two-factor authentication. In this article we review 2FA, explain how hackers are bypassing it in some cases, and provide […]

Understanding DDoS attacks: a guide for WordPress administrators

A Distributed Denial of Service (DDoS) is a type of Denial of Service (DoS) attack in which the attack comes from multiple hosts as opposed to one, making them very difficult to block. As with any DoS attack, the objective is to make a target unavailable by overloading it in some way. Generally, a DDoS […]

Top reasons why WordPress websites get hacked (and how you can stop it)

Hacking is the process of finding flaws in a system, and exploiting them to bypass security controls. ‘Ethical’ hackers use this process to learn about a system and find its weaknesses. However, malicious or ‘black hat’ hacking is also common. It is often used to break into websites. There are a lot of reasons why […]

How Does A VPN Work?

In recent years Virtual Private Networks (VPN) have become increasingly popular with both business and home users. And it’s reasonable to assert that this interest in VPN solutions has been amplified by the various security and privacy issues that have been highlighted in the mass media. Yet many people, even those who use VPNs on […]

PCI DSS Compliance for WordPress eCommerce & Business Sites

If you have an ecommerce or business WordPress site then PCI compliance is not new for you. As an online merchant / seller your WordPress website has to be compliant to the PCI DSS regulations, otherwise you risk being fined. Even if you use a third party payment gateway such as PayPal or Stripe, there […]

Email Security: How Basic Frameworks Help WordPress Site Owners

Across nations and industries, one technology has been sharing countless secrets for well over two decades. Yes, despite the rise of social media, messaging apps and project management tools, email remains the de facto number one online communication channel — but it’s also a source of much concern when it comes to security. When you […]

The Guide to WordPress Password Security

Weak passwords are one of the biggest threats that put the security of a WordPress site at risk. As an internet user, or if you guest author on a WordPress site you are always told to use complex and different password for every website or service you are subscribed to. You also have to change […]

The Top 5 Activity Log Plugins for WordPress

Managing a WordPress website can be time-consuming and difficult, especially if you have a lot of content and users. Fortunately, you can use a simple but powerful WordPress activity log plugin to keep track of everything that happens on your site. The benefits of using an activity log plugin include: Greater control over your site […]