Category: WordPress Security

Why you need both Two-factor Authentication & strong passwords on WordPress sites

Two-factor authentication (2FA) is an important part of maintaining the security of a WordPress site. However, 2FA alone isn’t enough to harden your WordPress site authentication. Strong passwords are also an important part, even when using two-factor authentication. In this article we review 2FA, explain how hackers are bypassing it in some cases, and provide […]

Understanding DDoS attacks: a guide for WordPress administrators

A Distributed Denial of Service (DDoS) is a type of Denial of Service (DoS) attack in which the attack comes from multiple hosts as opposed to one, making them very difficult to block. As with any DoS attack, the objective is to make a target unavailable by overloading it in some way. Generally, a DDoS […]

Top reasons why WordPress websites get hacked (and how you can stop it)

Hacking is the process of finding flaws in a system, and exploiting them to bypass security controls. ‘Ethical’ hackers use this process to learn about a system and find its weaknesses. However, malicious or ‘black hat’ hacking is also common. It is often used to break into websites. There are a lot of reasons why […]

How Does A VPN Work?

In recent years Virtual Private Networks (VPN) have become increasingly popular with both business and home users. And it’s reasonable to assert that this interest in VPN solutions has been amplified by the various security and privacy issues that have been highlighted in the mass media. Yet many people, even those who use VPNs on […]

PCI DSS Compliance for WordPress eCommerce & Business Sites

If you have an ecommerce or business WordPress site then PCI compliance is not new for you. As an online merchant / seller your WordPress website has to be compliant to the PCI DSS regulations, otherwise you risk being fined. Even if you use a third party payment gateway such as PayPal or Stripe, there […]

Email Security: How Basic Frameworks Help WordPress Site Owners

Across nations and industries, one technology has been sharing countless secrets for well over two decades. Yes, despite the rise of social media, messaging apps and project management tools, email remains the de facto number one online communication channel — but it’s also a source of much concern when it comes to security. When you […]

The Guide to WordPress Password Security

Weak passwords are one of the biggest threats that put the security of a WordPress site at risk. As an internet user, or if you guest author on a WordPress site you are always told to use complex and different password for every website or service you are subscribed to. You also have to change […]

The Top 5 Activity Log Plugins for WordPress

Managing a WordPress website can be time-consuming and difficult, especially if you have a lot of content and users. Fortunately, you can use a simple but powerful WordPress activity log plugin to keep track of everything that happens on your site. The benefits of using an activity log plugin include: Greater control over your site […]

WordPress security issues caused by sharing WordPress login details

A WordPress security best practice that is easy to implement is having a unique WordPress login (username and password) for every person who accesses your website or multisite network. Sharing the same WordPress login details with groups of people can lead to a number of security issues and increases the maintenance of the website, as […]

Best Two-Factor Authentication Plugins for WordPress

Two-Factor Authentication, (aka Two-Step Verification, 2FA) is an additional layer of security you can add to your WordPress login page. With 2FA it is virtually impossible for attackers to login to your WordPress, even if they guess your user’s password. Two-factor authentication is also good to help mitigate WordPress brute force attacks. Read our article […]