Should maintained plugins be suspended from the WordPress repository when there is a security issue?
On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Activity Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”. We submitted a fix on Friday, 28th February 2020, at 4:08PM. It only took us 16.5 hours to release the fix. We would have […]
How to Manually Deactivate WordPress Plugins
Plugins are a great aspect of using WordPress. However, at some point, you’ll need to uninstall or deactivate a plugin for one reason or another. This might present a problem, in that, the default method for deactivating WordPress plugins might not be always available. For example, to fix an issue where you lose access to […]
Prevention is the way to go when it comes to WordPress security
A common misconception is that malicious hackers only target websites with large income, or those that store valuable sensitive information. However, WordPress websites generally get a lot of unwanted attention, which is why it’s important to take preventive measures from the get-go. The good news is that (on top of basic measures such as having […]
WordPress Security VS Functionality – Striking the Right Balance
The more functionality your WordPress has the bigger the attack surface is. The more lines of code there are, and the more plugins you install the more prone to malicious hacker attack your WordPress will be. Ever heard this before? While many believe such facts are true, it all depends on how well things are […]
Using Media to Improve WordPress Security
Media can have a big impact on WordPress security. As we have learnt from last week’s WordPress SEO plugin vulnerability, if media is used effectively more users will keep their plugins up to date, which also means more secure.
WordPress Firewalls – How They Work & Enhance The Security Of Your WordPress Site
A WordPress website firewall (also known as a Web Application Firewall) helps you protect your WordPress websites and blogs from malicious hacker attacks, though it is not a bullet broof solution. This article explains how they work and discusses their pros and cons.
Statistics Highlight the Biggest Source of WordPress Vulnerabilities
WordPress vulnerabilities statistics show that the main source of WordPress vulnerabilities are in WordPress plugins. These vulnerabilities statistics also show how important it is to always run the latest version of WordPress core, plugins and themes.
Understanding the WordPress Security Plugins Ecosystem
There are many WordPress security plugins available but not all of them have the same scope. Hence before being deciding which plugin to install, users should first understand what type of plugins there are available to be able to determine which plugins will help them meet the WordPress security requirements, and ensure that every aspect of the WordPress security ecosystem is addressed.
Site-Specific WordPress Plugin for Code Snippets
This WordPress tutorial explains what is a site-specific code snippets plugin and what are the advantages of using it. The tutorial also explains how to create the site-specific WordPress plugin to store code snippets specific to your WordPress blog or website.
An Infographic About the State of Security of WordPress Blogs and Websites
A recent WordPress security infographic shows that more than 170,000 WordPress blogs and websites were hacked in 2012. Most of them were hacked via a vulnerability in the plugin or theme they were using. Read this blog post for more information about the state of security of WordPress sites.