Why secure your WordPress site?

February 23, 2016

WordPress sites are notoriously lacking when it comes to . Be it due to an insufficient expertise of the developer, or the use of one of the many FREE plugins available (of which the cannot be guaranteed). With WordPress running on 1 in 5 sites on the internet, it is no surprise that they are a very popular target for both experienced hackers and script-kiddies alike.

1. Running the Latest Version of WordPress
Running the latest version of any WordPress is probably first the most obvious measure that should be taken. However, with over 86% of WordPress installations running outdated versions of WordPress, this point is still one that needs to be stressed. Each of WordPress not only brings with it new features but more importantly, it brings with it bugfixes and fixes, which your WordPress site remain safe against common, easy-to-exploit vulnerabilities.

2. Running the Latest Versions of Themes and Plugins
Running the latest version of WordPress alone is not enough – your site’s plugins and themes could still contain vulnerabilities that can compromise the security of your WordPress site.
Therefore, making sure that the themes and plugins you are running are all updated to their latest versions is essential. By keeping your plugins and themes up to date, you can make sure your site is covered with the latest security .

3. Disable File Editing
By default, WordPress allows administrative users to edit PHP files of plugins and themes inside of the WordPress admin interface. This is often the first thing an attacker would look for if they manage to gain access to an administrative account since this functionality allows code execution on the server.

WordPress Core vulnerability October

WordPress Core vulnerability October

Nov 03 2017

For your , be informed about the latest WordPress Core vulnerability, fixed in security release WordPress 4.8.3 from October 31, 2017.…

WP Security: plugin vulnerabilities October

WP Security: plugin vulnerabilities October

Nov 01 2017

For your , be informed about the latest vulnerabilities in WordPress plugins: Content Timeline Multiple Blind SQL Injection reported by Jeroen…

WordPress protection: Core vulnerabilities September

WordPress protection: Core vulnerabilities September

Oct 02 2017

For your , be informed about the latest WordPress Core vulnerabilities fixed in security release WordPress 4.8.2 from September 2017. WordPress…

WP Security: plugin vulnerabilities September

WP Security: plugin vulnerabilities September

Oct 01 2017

For your , be informed about the latest vulnerabilities in WP plugins: Participants Database Cross site scripting (XSS) reported by Benjamin…

WP Security: plugin vulnerabilities August

WP Security: plugin vulnerabilities August

Aug 31 2017

For your , be informed about the latest vulnerabilities in WP plugins: AddToAny Share Buttons Conditional Host Header Injection reported by…

Identified as New WP under 30 min

Identified as New WP under 30 min

Aug 03 2017

Your freshly installed, brand new WP is discovered faster than you imagine. Amazingly, even before you are informed. Find out how in…

No comments

Leave a Reply

Your email address will not be published.

Why secure your WordPress site?

by Csaba Miklós time to read: 3 min
0