The vaguest WordPress error you’ll no doubt come across at some point, which also has a whole laundry list of probable causes, is… “Are you sure you want to do this?” What’s frustrating about this particular error is that it could mean you made a small fixable mistake or, worse, that you’ve been hacked (though typically it’s a security issue that’s …
Track Hackers in Real-Time with Defender’s All New Audit Logs
Is anyone else freaking out about how many ridiculous new features the WPMU DEV super devs keep dropping on us? And the madness doesn’t stop. Our security plugin Defender just got a mega upgrade: Audit Logs! Now with Defender, not only can you harden your security and block attackers, but audit logs now hold everyone on your site or network to account …
Changing Your WordPress Database Prefix to Improve Security
WordPress database tables all begin with the wp_ prefix by default. Security gurus often recommend changing the prefix to secure your site, but is it really worth doing? Or is it all sizzle and no steak? The idea is that changing the database prefix helps avoid nasty SQL injections since hackers usually use queries with the standard settings in their …
Jetpack 4.2 Released with Performance and Security Updates
Jetpack 4.2 is a combination release with performance improvements and fixes for a couple of security vulnerabilities. These updates secure Contact Form submission exports from potential formula injections and fix a general XSS vulnerability in the misuse of the add_query_arg() function. The majority of enhancements in this release are centered on speeding up communication between WordPress.com and Jetpack-enabled sites. Jetpack …
Hiding Your WordPress Login Page from Hackers with Code
There are 40 million brute force attacks on websites every day, so it’s highly likely your site will succumb to an attack. One relatively easy way to protect your site is to hide your login page from hackers. Making it harder for hackers to find the location of your login page file means there’s less chance they can attempt …
How to Change Your WordPress File and Directory Structure
Thanks to the open source nature of WordPress, anyone – including hackers – can look up the typical file structure of a WordPress website and know exactly where to start an attack. Fortunately, rearranging your core WordPress file structure is one method you can employ from your security arsenal to combat hacks and bolster your site’s defenses. So in this …
9 Ways to Protect Users and Clients from Breaking Their WordPress Site
Everyone makes mistakes from time to time. It happens. But when the mistake occurs within a website that you put a lot of time and effort into building, it can be frustrating to go back and re-do your work, no matter how minor the issue. As a WordPress developer, you know the platform inside and out. You’re also familiar with …
WordPress Security: The Ultimate 32-Step Checklist
Back when I was starting out as a web designer and developer, my biggest problem was getting stuff to work the way I wanted it to. I was concerned more about getting things (mostly) working as I expected them to be. Getting things to look snazzy was usually one of my primary goals when finishing a website. WordPress security was …
The Ultimate Guide to WordPress Spam
Akismet, the most popular spam killing plugin for WordPress, encounters 7.5 million pieces of spam per hour on average. That’s twice as much spam as there are people in Los Angeles. Every hour. Back in 2007, WordPress co-founder Matt Mullenweg knew spam would be a growing problem for the CMS, saying at the time it was getting so bad that …
Downtime Expected for Some WP Engine Customers as Linode Patches A Critical Security Vulnerability
WP Engine customers on legacy Xen Linode host servers are being notified via email and the company’s status blog about impending downtime between July 21st and July 25th. According to an email forwarded to the Tavern from a WP Engine customer, Linode’s legacy Xen host servers contain a critical security vulnerability. We are contacting you today regarding an upcoming emergency security …