Category: WordPress Security

The Four Principles of WordPress Security; Harden, Monitor, Test, Improve

This article gives an overview of the four main WordPress security principles highlighted in the WordPress security wheel. By adhering to these principles, WordPress website owners can improve the security of their websites, thus ensuring they are not vulnerable to malicious WordPress hack attacks.

WordPress REST API and the Security Worries

The infrastructure of the WordPress REST API will be included in the core of WordPress version 4.4. The release of WordPress version 4.5 will also include a number of endpoints for the REST API. The addition of this new functionality in WordPress core has raised a few eyebrows. Many are already concerned and as usual, WordPress security is the […]

WordPress username disclosure, is it a vulnerability or not?

It is very easy to identify the usernames on an out of the box WordPress installation. Though, there are several WordPress hardening techniques you can implement to hide the usernames, such as the ones mentioned below. However, these only make it a bit more difficult to guess the usernames, but they do not solve the […]

Why Running Multiple WordPress Firewalls is a Bad Idea

A common question new WordPress users have is which WordPress firewall should they install. Many are told to install multiple WordPress firewalls. Does installing multiple WordPress firewalls really mean better protection? This article explains it all.

Should You Pay for WordPress Security?

Simply because WordPress is very easy to use many think that they can also maintain and secure it. WordPress security is usually under estimated and it takes more than just a plugin to secure it. Read more to see what are the typical pitfalls of why people under estimate WordPress security.

Principle of Least Privileges and WordPress Security

Even though the principle of least privileges is very popular in the IT security industry, many WordPress users still do not apply this principle because “things do not work out of the box”. Though by applying it you can improve the security of your WordPress blogs and websites.

WordPress Firewalls – How They Work & Enhance The Security Of Your WordPress Site

A WordPress website firewall (also known as a Web Application Firewall) helps you protect your WordPress websites and blogs from malicious hacker attacks, though it is not a bullet broof solution. This article explains how they work and discusses their pros and cons.

WordPress Security Bloggers – Central Source for WordPress Security News and Updates

WP Security Bloggers is a WordPress security news central. The website pulls WordPress security news and updates from a number of prominent WordPress security blogs, websites and various other security sources.

Understanding the WordPress Security Plugins Ecosystem

There are many WordPress security plugins available but not all of them have the same scope. Hence before being deciding which plugin to install, users should first understand what type of plugins there are available to be able to determine which plugins will help them meet the WordPress security requirements, and ensure that every aspect of the WordPress security ecosystem is addressed.

Is WordPress Secure?

In the last few weeks the WordPress community started questioning the state of security of WordPress again because a number of vulnerabilities have been discovered both in WordPress and a number of popular WordPress plugins. This article explains how even though there are so many vulnerabilities being discovered, WordPress per se is a very secure software.