Secure your WordPress login with these easy-to-use plugins

https://www.wpwhitesecurity.com/wordpress-secure-login-plugins/

When it comes to managing your WordPress site, keeping your login secure and working well should be of top priority. Whether you operate an eCommerce store, or a membership site, making sure that your users utilize a strong username and password combination is essential to securing your website against outside threats and hacking attempts. And yet, some of your users may well continue to use weaker passwords and usernames for their WordPress login. Passwords such as password123 or even 1234 leave a gaping hole in your site’s defenses. However, by using a couple of plugins, you can secure your WordPress login. […]

High Severity Vulnerabilities in PageLayer Plugin Affect Over 200,000 WordPress Sites

https://www.wordfence.com/blog/2020/05/high-severity-vulnerabilities-in-pagelayer-plugin-affect-over-200000-wordpress-sites/

A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 sites. The plugin is from the same creators as wpCentral, a plugin within which we recently discovered a privilege escalation vulnerability. One flaw allowed any authenticated user with subscriber-level and above permissions the ability to update and modify posts with malicious content, amongst many other things. A second flaw allowed attackers to forge a request on behalf of a site’s administrator to modify the settings of the plugin which could […]

Understanding Top Website Migration Factors

https://wpengine.com/blog/understanding-top-website-migration-factors/

The following post was written by Kris Hadlock, President and CTO, at website migration specialist WordHerd. Migrating a website from one platform to another may seem like a straightforward process, but there are many factors to take into consideration. You may be thinking that it simply involves a copy and paste of content, downloading and… The post Understanding Top Website Migration Factors appeared first on WP Engine.

WordPress Vulnerability Roundup: May 2020, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-may-2020-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of May, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. New WordPress plugin and theme vulnerabilities were disclosed during the second half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on […]

Zabezpieczenia WordPress – Kompletny przewodnik dla Rock Solid WP Security [w zestawie bezpłatna wtyczka]

https://www.getastra.com/blog/cms/wordpress-security/przewodnik-bezpieczenstwa-wordpress/

Będąc wykorzystywanym przez jedną trzecią wszystkich stron internetowych, WordPress zawsze przyciąga uwagę hakerów. W ostatnich latach zasięg ataków na WordPress jest alarmujący i wymaga działania. Pomimo ataków WordPress Security jest wciąż bardzo źle rozumianą i niedocenianą koncepcją. Właściciele witryn uważają, że wygodniej jest je przeoczyć.  Jednak w wyniku tych exploitów wiele osób pogodzi się z potrzebą aktualizacji swoich standardów bezpieczeństwa WordPress. Ale często na morzu decydują, które praktyki bezpieczeństwa są uzasadnione, a jakie nie. Nie martw się! Przeprowadziliśmy dla Ciebie badania. W tym artykule znajdziesz pełną listę niezbędnych i możliwych do zastosowania środków bezpieczeństwa WordPress dla Twojej witryny. Co więcej, […]

WP Security Audit Log renamed to WP Activity Log

https://wpactivitylog.com/wp-security-audit-log-renamed-wp-activity-log/

Today’s announcement is very different from all the previous ones. We are renaming WP Security Audit Log to WP Activity Log. The plugin’s name change reflects the vision we have for the plugin, as explained in this post. A bit of history When we started WP White Security and released the first version of WP Security Audit Log back in 2013, we did not anticipate that our plugin would have such an impact in the WordPress community. Within a short period of time our plugin became the #1 user-rated WordPress activity log plugin. This positive response is what encouraged us […]

The Elementor Attacks: How Creative Hackers Combined Vulnerabilities to Take Over WordPress Sites

https://www.wordfence.com/blog/2020/05/the-elementor-attacks-how-creative-hackers-combined-vulnerabilities-to-take-over-wordpress-sites/

On May 6, our Threat Intelligence team was alerted to a zero-day vulnerability present in Elementor Pro, a WordPress plugin installed on approximately 1 million sites. That vulnerability was being exploited in conjunction with another vulnerability found in Ultimate Addons for Elementor, a WordPress plugin installed on approximately 110,000 sites. We immediately released a firewall rule to protect Wordfence Premium users and contacted Elementor about the vulnerability. As this vulnerability was being actively exploited, we also publicly notified the community of the vulnerability to help protect users from being compromised. Elementor quickly released an update for Elementor Pro the same […]

Activity Log for MainWP 1.5: New search module & better UX

https://www.wpsecurityauditlog.com/releases/al4mwp-1-5/

Searching through the activity logs of multiple websites from one central place should be an easy thing to do. After all, you install an activity log plugin on all the child sites you manage via MainWP so you can know exactly what is happening when you need to. That is why we are really excited to announce the new update of the Activity Log for MainWP plugin. New search & filters with better UX We are the first to admit that the previous search was not exactly the most user friendly. Whenever you ran a search you were greeted with […]

WordPress Core Merge Makes Plugin & Theme Updates Automatic

https://www.getastra.com/blog/cms/wordpress-security/wordpress-plugin-theme-updates-automatic/

When the context is about security, we know how crucial it is to regularly update WordPress installations. The average WordPress website is attacked by malware 44 times a day. From weak plug-ins to insecure themes, anything could give a chance to a malware to infect your CMS. Keeping in mind the plight of the webmasters, WordPress has announced that the auto-updates feature of themes and plugins is ready for a core merge. Currently, auto-updating is accessible only for core WordPress CMS. The stable version v5.5 would enable the features of WordPress theme & plugin auto-update.  What is the need of […]

How to Improve eCommerce Website Security? (6 Easy Steps)

https://blogvault.net/ecommerce-website-security/

The post How to Improve eCommerce Website Security? (6 Easy Steps) appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.