Category: WordPress Security Tutorials

OWASP & WordPress – Improving WordPress Security With OWASP Top 10

WordPress security can be an intimidating subject to those who are new to WordPress, and to having a website. The good news is that compliance and standards such as the OWASP Top 10 list can help businesses get started with WordPress security.   This article explains what is the OWASP Top 10 list and how […]

Easily Create & Manage WordPress Temporary Users with a Plugin

Do you need to give temporary access to a developer or an author to your WordPress website? If you manage a WordPress website, you surely need to give temporary access to someone so they can fix a problem or do some work on your website. Though there is a problem – the process of creating and […]

Top Five WordPress Users Management Guidelines

User management is a difficult task and it is a webmasters’ and systems administrators’ nightmare. If not done properly, it can lead to a number of security issues. For example there have been cases where employees still had access to confidential business data, months and sometimes even years after leaving their job. These type of user management […]

How to Evaluate WordPress Audit Trail Plugins

Your business just switched from a custom made and complex CMS system to WordPress. All well and good, you have setup your blog, installed a few plugins and ready to get cracking. But how will you keep track of what the users are doing on your new WordPress website? Introducing WordPress Audit Trail Plugins WordPress […]

Who Is Logged In To Your WordPress?

This post explains why you should know who is logged in to your WordPress websites and blogs and how you can do it.

How to Clean a Hacked WordPress Website or Blog

First things first, do not panic. This article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step by step format to help you identify the source of the hack and the infection, and then clean the code to regain control of your […]

Get Alerted via Email When a New User Is Created or Logs in To Your WordPress

There are several benefits to keeping a record of everything that is happening on your website in a WordPress audit log. As seen in this example, you can configure email alert so you are alerted of any suspicious user behaviour at an early stage, allowing you to thwart any possible hacker attacks before any damage is done on your WordPress website and multisite network.

WordPress Security VS Functionality – Striking the Right Balance

The more functionality your WordPress has the bigger the attack surface is. The more lines of code there are, and the more plugins you install the more prone to malicious hacker attack your WordPress will be. Ever heard this before? While many believe such facts are true, it all depends on how well things are […]

How to Grant Remote Access Privileges to a WordPress MySQL Database

This document explains how to grant remote access to a WordPress or any other MySQL database. Remote access might be needed if you need to extract or read data from the WordPress database from a remote location, for example to read the WordPress security alerts generated by WP Security Audit Log plugin and store them in a centralized logging and monitoring system.

All You Need To Know On the WordPress Unique Authentication Keys and Salts

WordPress security keys are used to encrypt the WordPress login details stored in user’s cookies once they login to WordPress. By configuring the WordPress security keys you also improve the security of your WordPress. This article explains what are the WordPress security keys and how you can configure them in the wp-config.php file.