WFCM 1.5: Hourly file integrity scans & other plugin improvements

In this update of the Website File Changes Monitor plugin we focused on further improving the file scanning technology. The results speak for themselves: faster scans that require fewer resources. Here, you can read in more detail what is new and impr…

Say hello to WP 2FA – a new free WordPress two-factor authentication plugin

An administrator should be able to add two-factor authentication (2FA) to a WordPress site easily within minutes. The admin should also be able to configure policies to make 2FA compulsory, and users should be able to set up 2FA without requiring any train…

Should maintained plugins be suspended from the WordPress repository when there is a security issue?

On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Security Audit Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”. We submitted a fix on Friday, 28th Februar…

Setting up 2FA on WordPress with the Google Authenticator app

Whenever you implement a security measure, you should also have some sort of fallback. You do not want to be compromised by the failure of a single component. This is known as defense in depth. When you manage a WordPress website, one of the most impor…

How to eliminate false positives in file integrity monitoring on WordPress

File integrity monitoring (FIM) allows you to quickly detect file changes on your WordPress site. It is an important part of securing a WordPress site and the way it works is very simple: it compares baseline cryptographic hashes to the current hash of…

Strong WooCommerce passwords – enforcing policies without deterring customers

Keeping your eCommerce store secure is a must. Not only is it an important source of income for your business, but it also contains sensitive customer information, such as billing details and credit card numbers. Strong passwords can prevent many cyber…

Using WPScan to find WordPress vulnerabilities on your website

WPScan is a black box WordPress Security Scanner written in Ruby. Ideal for penetration testers, security professionals and WordPress administrators, WPScan can find security weaknesses within a WordPress blog or website.

Why you need both Two-factor Authentication & strong passwords on WordPress sites

Two-factor authentication (2FA) is an important part of maintaining the security of a WordPress site. However, 2FA alone isn’t enough to harden your WordPress site authentication. Strong passwords are also an important part, even when using two-f…

Password Policy Manager 2.0 – Multisite networks support & first time login password change

Today we are announcing Password Policy Manager 2.0! We are very excited about this release. Finally, WordPress multisite network administrators can also enforce strong password policies. In this update we have also added the new first time login passw…

Understanding DDoS attacks: a guide for WordPress administrators

A Distributed Denial of Service (DDoS) is a type of Denial of Service (DoS) attack in which the attack comes from multiple hosts as opposed to one, making it very difficult to block. As with any DoS attack, the objective is to make a target unavailab…