Category: wordpress security

How to Use WordPress User Roles for Improved WordPress Security

Learn more about WordPress user roles and what capabilities users have when assigned to a specific WordPress user role. With WordPress user roles, the WordPress owner can have control of what the users can and cannot do on the WordPress installation.

WordPress file permissions: the guide to configuring secure website & web server permissions

WordPress can pretty much run on any operating system that runs PHP. However, the vast majority of WordPress websites run on Linux. Therefore it is important that you understand Linux file permissions. It is crucial to get file permissions right. Setting incorrect file permissions can open your website up for attack. Incorrect file permissions can […]

WordPress Two-Factor Authentication (2FA): what is it & using it on your site

The security of your WordPress website depends on the systems you put in place to protect it and harden its security. With the sharp increase of automated password guessing, your users’ sensitive information and access to your site are more at risk than ever. This is why it’s so important to protect your WordPress site […]

Penetration testing for WordPress websites

WordPress powers a lot of websites on the Internet. So it’s no surprise that seasoned attackers and “script-kiddies” like to target WordPress websites. Whether you’re a webmaster, or a security professional, when tasked with assessing the security posture of a WordPress website, it tends to help to be aware of common security pitfalls attackers typically […]

Using WPScan to find WordPress vulnerabilities on your website

WPScan is a black box WordPress Security Scanner written in Ruby. Ideal for penetration testers, security professionals and WordPress administrators WPScan can find security weaknesses within a WordPress blog or website.

Top reasons why WordPress websites get hacked (and how you can stop it)

Hacking is the process of finding flaws in a system, and exploiting them to bypass security controls. ‘Ethical’ hackers use this process to learn about a system and find its weaknesses. However, malicious or ‘black hat’ hacking is also common. It is often used to break into websites. There are a lot of reasons why […]

Prevention is the way to go when it comes to WordPress security

A common misconception is that malicious hackers only target websites with large income, or those that store valuable sensitive information. However, WordPress websites generally get a lot of unwanted attention, which is why it’s important to take preventive measures from the get-go. The good news is that (on top of basic measures such as having […]

High-Tech Bridge COO Talks About Web & WordPress Security

As of the beginning of 2019, WordPress powers 33% of the top ten million websites, confirming it as the most popular and widely used blogging and CMS platform again. Such popularity attracts a lot of attention, and application security software companies which typically focus on security solutions for custom web applications are now also interested […]

Malcare WordPress Site Security Service Reviewed

According to statistics published by WPMUDEV in 2017, malicious hackers attack WordPress websites with over 90,978 attacks per minute. Therefore every WordPress site must have some sort of security hardening and service protecting it. Even if it is small and not popular, your WordPress website is always a target. Being a geek, when I started […]

The Top 5 Activity Log Plugins for WordPress

Managing a WordPress website can be time-consuming and difficult, especially if you have a lot of content and users. Fortunately, you can use a simple but powerful WordPress activity log plugin to keep track of everything that happens on your site. The benefits of using an activity log plugin include: Greater control over your site […]