This article includes an email thread of emails that I exchanged with a spammer who claims his company provides SEO services and they can help me rank my website on Google’s first page. As you will see, there are a lot of lessons to be learnt from trying to deal with scam and spam businesses.
This article looks into how many vulnerabilities other popular web software has had when compared to WordPress to try and compare if WordPress’ reputation as a very insecure web application is true or not.
Read this article for a detailed list of all the other software components that make up a WordPress website. By knowing what your WordPress website is made of, and on which platform it is running you will be able to take a more holistic approach to WordPress security.
This article gives an overview of the four main WordPress security principles highlighted in the WordPress security wheel. By adhering to these principles, WordPress website owners can improve the security of their websites, thus ensuring they are not vulnerable to malicious WordPress hack attacks.
This WordPress security glossary includes a list of terms and keywords that are typically used in WordPress security documents. The scope of such document is to help you understand the WordPress security lingo.
The infrastructure of the WordPress REST API will be included in the core of WordPress version 4.4. The release of WordPress version 4.5 will also include a number of endpoints for the REST API. The addition of this new functionality in WordPress core has raised a few eyebrows. Many are already concerned and as usual, WordPress security is the… Read More
By default it is very easy to guess a WordPress username. Is this WordPress username disclosure a vulnerability or not? Many software vendors such as Microsoft and Cisco had similar issues in the past and they fixed it. Yet in the WordPress ecosystem this is not considered as a vulnerability.
This blog post explains what is two-factor authentication and how it can help you improve the security of your WordPress. It also mentions a few plugins and services that can help you easily implement two-factor authentication on your WordPress websites and blogs.
A common question new WordPress users have is which WordPress firewall should they install. Many are told to install multiple WordPress firewalls. Does installing multiple WordPress firewalls really mean better protection? This article explains it all.
Simply because WordPress is very easy to use many think that they can also maintain and secure it. WordPress security is usually under estimated and it takes more than just a plugin to secure it. Read more to see what are the typical pitfalls of why people under estimate WordPress security.