WordPress Security

Pagely Security Updates: Jan 2020 – WordPress Website Design Article

WordPress Security and Maintenance Releases: 5.2.4, 5.3.1, and 5.3.2Pagely customers were spared issues from bugs introduced in the 5.3.0 release as, due to the proximity to the holidays, we didn’t upgrade our customers to 5.3 until early January. All Pagely customers received security patches for vulnerabilities identified in WordPress Core before 5.2.4 for the 5.2 branch and 5.3.1 for the 5.3 branch.4 vulnerabilities found in WordPress Core:Privilege Escalation (allowing any user to “sticky” a post)XSS (Cross Site Scripting) Stored in…

Read More

A Guide to iThemes Security Pro Lockouts – WordPress Website Design Article

iThemes Security Pro lockouts are a way to harden your website against external attacks, including WordPress brute force attacks. In this guide, we’ll cover iThemes Security Pro lockouts and how to use them. Keep reading for tips to avoid the dreaded lockout screen (in case you or your client has accidentally locked yourself out of your website) and how to release the lockout if it’s triggered. (Locked out? Get the release lockout solution now!) What Types of iThemes Security Pro…

Read More

iThemes Security Setup Essentials (January 2020) – WordPress Website Design Article

iThemes Security Pro has a multitude of settings to help you secure your WordPress website. In this webinar, iThemes Associate Product Manager Michael Moore provides in-depth explanations of each security feature and a walkthrough of how to customize iThemes Security Pro for your needs. Watch the Video: How To Set Up the iThemes Security Plugin on Your WordPress Website A WordPress security plugin like iThemes Security Pro adds an important extra layer of security to your website. To make setup…

Read More

The 5 Best WordPress User Profile Plugins for 2020 – WordPress Website Design Article

Last Updated on December 11, 2019We’re all witnesses to the immense power of social media. We’ve seen how tightly knit and well organized online communities can affect the real world, create global movements, and even influence political opinions. Not to mention the wonders they can do for budding brands through word-of-mouth promotion. But social media isn’t just Facebook, Instagram, and Twitter. In fact, any business can create its own online community. All it takes is a good WordPress user profile…

Read More

A 10-Point Website Security Audit – WordPress Website Design Article

If you are running an online store, you are likely to see a steep increase in traffic during the holiday season. With new customers entering their payment information and personal addresses onto your website, it’s more important than ever to secure your online store in preparation for the holidays. November and December are the busiest shopping months of the year, which makes any downtime related to a hack or security breach more expensive than any other time of year. Your…

Read More

The Short History of Unauthenticated Site Options Update Vulnerabilities – WordPress Website Design Article

2019 is coming to an end. Over the last year Pagely’s security team noticed a trend in WordPress related attacks targeting unauthenticated changes to a WordPress website’s options table. The attack is specific to WordPress, but in its boiled down essence, this vulnerability would fall under Broken Access Controls/Elevation of Privilege (OWASP Top 10, 2017 A5). In laypersons terms: the application lacks proper authorization checks before performing a sensitive action.Over the course of the year, reports of unauthenticated site option…

Read More

The Comprehensive Guide to WordPress Security in 2019 – WordPress Website Design Article

The benefits of this WordPress security guide are two fold:Learn exactly what you need to know about WordPress security in 2019.Understanding WordPress security helps you adopt a security-oriented mindset that will help you prevent and mitigate risks as you make day-to-day decisions.Get actionable, step-by-step instructions for securing your WordPress site.The steps you need to take aren’t particularly time-consuming, don’t require advanced technical knowledge, and the linked guides are vetted for clarity and completeness.Of course, it’s impossible to cover every possible…

Read More

Pagely Security Updates – Pagely® – WordPress Website Design Article

This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of risk to our clients, and keeping you updated here is part of that process.WordPress 5.2.4 Security ReleaseOctober 15th, 2019Secure WordPress FastSix VulnerabilitiesSecured by this Patch.The WordPress.org core team has released WordPress 5.2.4, a security release addressing six vulnerabilities from XSS to viewing unauthorized posts.Pagely staff have already begun applying patches…

Read More

WordPress Vulnerability Roundup: September 2019, Part 2 – WordPress Website Design Article

Several new WordPress plugin and theme vulnerabilities were disclosed during the last half of September, so we want to keep you aware. In this post, we cover recent WordPress plugin and theme vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. We divide the WordPress Vulnerability Roundup into four different categories: 1. WordPress core 2. WordPress Plugins 3. WordPress Themes 4. Breaches From Around the Web *We include breaches from…

Read More

2 Popular Ways to Backup WordPress Blog (+ Best Backup Plugins) – WordPress Website Design Article

When we work online, the problem comes without knocking our door. Being a blogger from last 4 years, I know the importance of taking timely backup of my blog. As WordPress runs on a web hosting, there are many possible issues which can come with your blog, anytime. Like – Your hosting company might shut down. Your hosting company suspects your WordPress blog for high memory usage. A hacker hacks your blog. You accidentally delete or corrupt your WordPress database…

Read More

8 WordPress Security Infographics to Download & Share – WordPress Website Design Article

Love infographics? We do, too! From WordPress security basics to how to secure your website, we have 8 WordPress security infographics for you to download and share. It feels like every week there’s another security breach in the news. It can cause panic, especially when we think website security has to be complicated. But protecting your WordPress website doesn’t have to be hard. WordPress security is easier than you think. In this infographic, we cover the five ways to secure…

Read More

WordPress Security Tricks to Keep Your Business Website Safe – WordPress Website Design Article

With the increasing number of companies and business using digital marketing techniques to grow, cybersecurity is one of the rising concerns that should be taken good care of not only to protect sensitive business information but customer data as well. Appealing web design and quality content don’t make sure a website is secure, but one must need to take some essential steps to ensure the website’s security. It’s essential for businesses to make their websites safe and secure to browse…

Read More

New! Never Miss a Critical Security Alert with the New Message Center in iThemes Security Pro – WordPress Website Design Article

With the release of iThemes Security Pro 6.0, we have added some subtle improvements and another way for you to stay current on the security health of your WordPress website with a new Security Admin Message Menu. Current iThemes Security Pro, Plugin Suite & Toolkit customers will find version 6.0.0 of the iThemes Security Pro plugin available as an automatic update from your WordPress dashboard (for licensed sites) or as a manual download from the iThemes Member Panel. Save time…

Read More

WordPress Vulnerability Roundup – End of May 2019 – WordPress Website Design Article

New WordPress plugin vulnerabilities have been disclosed this month. 1. WordPress core 2. WordPress Plugins 3. WordPress Themes 4. Breaches From Around the Web *We include breaches from around the web because it is essential to also be aware of vulnerabilities outside of the WordPress ecosystem. Exploits to server software can expose sensitive data. Database breaches can expose the credentials for the users on your site, opening the door for attackers to access your site. WordPress Vulnerabilities There haven’t been…

Read More

What is 2 Factor Authentication and How Can It Be Useful? – WordPress Website Design Article

You may have heard how important 2 factor authentication (also known as two-factor authentication or 2FA) is for securing your online accounts. Don’t be embarrassed if you find yourself asking “What is 2 factor authentication?” Don’t worry, not knowing puts you in a large group of users. By the end of this post, you will be a 2 factor authentication expert. In this post, we’ll explain what 2 factor authentication is and what the different methods of 2fa are. You…

Read More

Why Hiding Your WordPress Version Isn’t Enough – WordPress Website Design Article

If you are a website owner currently using WordPress as your CMS, it’s likely that the exceptional security features baked into WordPress played a key role in this decision. After all, the platform is the biggest and most commonly used CMS solution on the internet, and has provided users with secure, open source CMS capabilities for over 15 years. Despite the plethora of protective elements included with WordPress, it would be very naïve to think that your website is invincible.…

Read More

WordPress Vulnerability Roundup – April 2019 – WordPress Website Design Article

Unfortunately, April 2019 was a busy month for WordPress vulnerabilities. You don’t need to worry because our vulnerability roundup has you covered with what you need to know. We are going to cover what the exploits are and how they can affect you. We’ve divided the vulnerabilities up into three different categories: WordPress Plugins WordPress Themes Breaches From Around the Web We’re including breaches from around the web because it is important to also be aware of vulnerabilities outside of…

Read More

WordPress Vulnerability Roundup – Mid-May 2019 – WordPress Website Design Article

New WordPress plugin vulnerabilities have been disclosed this month. We divide the WordPress Vulnerability Roundup into four different categories: WordPress WordPress Plugins WordPress Themes Breaches From Around the Web We include breaches from around the web because it is essential to also be aware of vulnerabilities outside of the WordPress ecosystem. Exploits to server software can expose sensitive data. Database breaches can expose the credentials for the users on your site, opening the door for attackers to access your site.…

Read More

The Vital Role Of Logs In WordPress Security – WordPress Website Design Article

This is the third article in a 3 part series on the use of activity logs in WordPress.Read the first article here.Read the second article here. This is the last part of the three article series about how activity logs can help WordPress site administrators. In the first article we have seen how, with a WordPress activity log, you can improve user accountability and tick some compliance check boxes on your WordPress site. In the second article of this series…

Read More

Common WordPress Security Issues & How to Secure Your Site • WPShout – WordPress Website Design Article

Last night I was invited to speak at the Boulder WordPress meetup. My friend Angela drew a big crowd, and they listened intently to me talking a little too long about WordPress security vulnerabilities and what you can do to protect your WordPress site. That talk, like this article, is focused on protecting WordPress users and site-owners from common security problems. I have a whole other course about what WordPress developers should do to keep WordPress secure. This article will…

Read More

Breathe Freely! Your Security with WPMU DEV is Stronger Than Ever – WordPress Website Design Article

Is WordPress security a big deal to you and your clients? Why would I ask such a silly question? Because our security suite has new superpowers including Defender location-based IP blocking and Automate Safe Upgrade scans…now on up to 5 pages. What’s the WPMU DEV Security Suite, you Ask? We’ve built a fierce set of WordPress protectors to help ward off core, plugin, and theme attacks, minimize downtime, clear blacklisting, and backups that restore your services in case of emergency.…

Read More

2 Popular Ways to Backup WordPress Blog (+ Best Backup Plugins) – WordPress Website Design Article

When we work online, the problem comes without knocking our door. Being a blogger from last 4 years, I know the importance of taking timely backup of my blog. As WordPress runs on a web hosting, there are many possible issues which can come with your blog, anytime. Like – Your hosting company might shut down. Your hosting company suspects your WordPress blog for high memory usage. A hacker hacks your blog. You accidentally delete or corrupt your WordPress database…

Read More

Hello, Hackers! Best Practices for WordPress Security – WordPress Website Design Article

When talking about WordPress security, it feels like we’re left with 2 choices, devastating paranoia or ignorant bliss. With all the news of our personal information, usernames, passwords, and identities getting jacked and sold on the dark web, the topic of web security to a noobie sounds impossible. But after falling hard into the deep end of web security, I’ve discovered some “not-so-common-sense” WordPress security best practices and pro tips (literally I talked to a pro) to help put your…

Read More

5 Best Secure Hosts Compared (2019) – WordPress Website Design Article

Getting hacked is every blogger’s worst nightmare. Isn’t that true? While there are many things you can do to secure your WordPress site using plugins and simple tweaks, one of the best ways to prevent security lapses is to choose a secure WordPress hosting from the beginning. Most hosts advertise something about their security as a general rule of thumb, but not all hosts are equal when it comes to securing your WordPress site. To help you find the most…

Read More

10 Tips for Securing a WordPress Website – WordPress Website Design Article

How secure is your WordPress website? Is your site an easy target for hackers? With a few steps and by adopting a few WordPress security best practices, you can significantly reduce your vulnerability to attack. In this post, we’ll cover a few tips for securing a WordPress website. 1. Keep WordPress core, plugins and themes updated to the latest version. Did you know that some of the most common WordPress security issues are related to running outdated versions of WordPress…

Read More

How Can You Increase WordPress Security? – Website Design Article

WordPress is synonymous with slick, beautiful websites that are easy to build and develop with a vast number of plugins. With template sites within WordPress, would be bloggers and website owners can become developers themselves. WordPress makes it easy to create your own highly functional website, without the expense of building a custom site from scratch. However, it’s so easy to get lost in the world of design themes, plugins and user journeys that you can easily forget the security…

Read More

How to Restore a Website from an iThemes Security Database Backup – WordPress Website Design Article

Having a database backup is one of the best ways to protect yourself from an attack. If something goes wrong, you can restore the database from a backup and replace the files with fresh ones. In this post, we’ll cover how to restore a WordPress website from an iThemes Security database backup in just a few steps. With iThemes Security, the WordPress security plugin, you can schedule automatic database backups and download or delete previous backups. Before you start restoring your…

Read More

Is My WordPress Site Hacked? 7 Signs of Infection – WordPress Website Design Article

Finding yourself asking “Is my WordPress site hacked?” means you’ll want some quick answers. In this post, we cover seven signs of infection and what to do if you discover you’ve been hacked. The faster you notice the signs of a website breach, the quicker you can get your site cleaned up. The quicker you can get your website cleaned, the less damage the hack can do to your website. Note: Two things we mention quite a bit in this…

Read More

WordPress Disaster Week Videos & Slides – WordPress Website Design Article

WordPress Disaster Week just wrapped up with six full hours of WordPress security training. In this post, you’ll get all three videos from the webinar replays plus the slides for each session. Day 1: Prevention Day 1 focused on WordPress Security 101, how to defend your site from the most common types of attacks and WordPress login security. Replay: Slides: Day 2: Recovery Day 2 covered what to measure and monitor, signs you’ve been hacked and how to restore from…

Read More