Privacy Checklist: 10 Tips for Protecting Visitors to Your WordPress Site

Businesses of all sizes—bloggers, SMBs, eCommerce companies, large enterprises, and more—understand the importance of having a website. Without it, a business is relegated to the more time – and labor – intensive (and not to mention outdated) method of increasing brand recognition and converting leads through cold calling and word-of-mouth. Plus, if your brand doesn’t have a website, you’re relying …

WP Mobile Detector Plugin Patched for Arbitrary File Upload Vulnerability, Exploits Ongoing

Researchers at Sucuri are reporting that the WP Mobile Detector plugin has been patched for an arbitrary file upload vulnerability that is being actively exploited in the wild. The plugin, which was temporarily removed from the WordPress Plugin Directory, had more than 10,000 active installs before the exploits began. According to Sucuri, the majority of compromised sites have been infected …

Adding Free SSL Certificate and HTTPS to WordPress with Let’s Encrypt and Certbot

Installing an SSL certificate on your domain is an essential step you should take to secure your WordPress site and now with Let’s Encrypt you can get one for free. An SSL certificate encrypts the connection between your site and your visitors’ browser so hackers can’t intercept and steal personal information. Normally, SSL certificates can be cumbersome to install and …

Help, I’ve Been Hacked! How to Troubleshoot and Fix a WordPress Site

Getting hacked is one of the most frustrating experiences you’ll face as a site admin. Unfortunately, even if you have bolstered your site’s defenses, about 30,000 sites are hacked daily and it’s likely your site will fall prey sooner or later. So it’s important you know what to do when that day comes. Fortunately, it’s possible to figure out exactly …

A Comprehensive Guide to Editing. htaccess for WordPress Security

The .htaccess file in your WordPress install is a powerful configuration file that you can use to override the settings on your web server to improve your site’s security and performance. Short for “Hypertext Access,”, you can edit the file and with the right commands, you can enable/disable extra functionality and features to protect your site from spammers, hackers and …

How to Scan Your WordPress Site and Patch Security Vulnerabilities

There are well over 7.5 million attacks on WordPress sites every hour so the probability of your site being attacked is almost guaranteed. Simply scanning your site for vulnerabilities, however, can help you keep nasty hackers at bay. Scanning your site will tell you how your site is vulnerable to attack so you can then take specific actions to patch any holes in your security. So …

Critical Vulnerabilities Found in PhpStorm, Immediate Update Advised

JetBrains announced today that it has released a security update for PhpStorm and all of its other IntelliJ-based IDEs due to a set of critical vulnerabilities: The cross-site request forgery (CSRF) flaw in the IDE’s built-in webserver allowed an attacker to access local file system from a malicious web page without user consent. Over-permissive CORS settings allowed attackers to use …