Category: WordPress Security

The Guide to WordPress Password Security

Weak passwords are one of the biggest threats that put the security of a WordPress site at risk. As an internet user, or if you guest author on a WordPress site you are always told to use complex and different password for every website or service you are subscribed to. You also have to change […]

The Top 5 Activity Log Plugins for WordPress

Managing a WordPress website can be time-consuming and difficult, especially if you have a lot of content and users. Fortunately, you can use a simple but powerful WordPress activity log plugin to keep track of everything that happens on your site. The benefits of using an activity log plugin include: Greater control over your site […]

Best Two-Factor Authentication Plugins for WordPress

Two-Factor Authentication (2FA) or Two-Step Verification is an additional layer of security you add to your WordPress login pages. With 2FA it is virtually impossible for attackers to hijack your WordPress user, even if they guess the password. Two-factor authentication is also good to help mitigate WordPress brute force attacks. If you are interested in […]

A WordPress Digital Nomad’s Must Have – Personal VPN

WordPress has allowed many to break away from their nine to five jobs and start their own business venture, and live the digital nomad life. Being location independent and travelling around the world while still able to make money is certainly possible nowadays, especially with the adaptation of the internet and Wi-Fi in all cafes, […]

Top Five WordPress Users Management Guidelines

User management is a difficult task and it is a webmasters’ and systems administrators’ nightmare. If not done properly, it can lead to a number of security issues. For example there have been cases where employees still had access to confidential business data, months and sometimes even years after leaving their job. These type of user management […]

Best Practices for Secure Web Forms on Your WordPress Website

Contact and other type of web forms on websites are typically used to capture leads and build a mailing list for your business’ email marketing strategy. Web forms are also the most commonly exploited attack surface on websites, since they allow users to input data that is then stored into a database or some other […]

Dealing with Failed Logins on Your WordPress

This article explains why many WordPress websites have a lot of failed login attempts. It also explains what you can do to protect your WordPress website from failed login attacks.

The Security Risks of Storing WordPress Backup Files & Old Files Onsite

WordPress backup files and old unused files typically contain a wealth of sensitive information. When stored onsite such files can easily be discovered and downloaded by malicious hackers. Hackers use the information they contain to craft an attack against your website.

Crunching the Numbers – Too Many WordPress Vulnerabilities Can Only Mean Good Things

This article looks into how many vulnerabilities other popular web software has had when compared to WordPress to try and compare if WordPress’ reputation as a very insecure web application is true or not.

Beyond WordPress Security – Managine & Securing All the Other Non-WordPress Components

Read this article for a detailed list of all the other software components that make up a WordPress website. By knowing what your WordPress website is made of, and on which platform it is running you will be able to take a more holistic approach to WordPress security.