Is WordPress Secure for eCommerce? Here Is The Answer!

https://www.getastra.com/blog/cms/wordpress-security/is-wordpress-secure-for-ecommerce/

Originated as a basic content publishing tool, WordPress has developed into a powerful content management system (CMS) recently. It empowers over 30% of all sites on the Web. But its effectiveness doesn’t just stop there. WordPress is also being used popularly for profitable e-commerce businesses. In fact, popularity comes with risk. WordPress has become a primary target for hackers and cybercriminals. Hence, having your e-commerce store running on this CMS even raises more security concerns. These worries make sense. If your standard WordPress blogging website gets attacked, it may be shut down and lose all the content.  Things could be […]

How to Fix Push Notification & Redirection Malware on WordPress

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notifications-malware/

Since the last couple of weeks, the security researchers at Astra have been tracking a push notifications malware on WordPress. This campaign has been combined with the on-going redirection campaign on WordPress websites. A few malicious domains where redirection is happening include inpagepush[.]com, asoulrox[.]com and iclickcdn[.]com, justcannabis[.]online. Hackers have gone one step ahead this time to make this hack campaign more sophisticated by installing a legitimate looking ‘Hello ad’ plugin to infected WordPress websites. More on it below. Symptoms of the Push Notifications Malware – WordPress Vulgar Push Notifications: Visitors being shown malicious/vulgar push notifications when visiting your website: Website […]

How to Fix Push Notification & Redirection Malware on WordPress

https://www.getastra.com/blog/cms/wordpress-security/fix-push-notification-malware-wordpress/

Since the last couple of weeks, the security researchers at Astra have been tracking a push notifications & pop-ups malware on WordPress. This campaign has been combined with the on-going redirection campaign on WordPress websites. A few malicious domains where redirection is happening include inpagepush[.]com, asoulrox[.]com and iclickcdn[.]com, justcannabis[.]online. Hackers have gone one step ahead this time to make this hack campaign more sophisticated by installing a legitimate looking ‘Hello ad’ plugin to infected WordPress websites. More on it below. Symptoms of the Push Notification WordPress Virus Vulgar Push Notifications: Visitors being shown malicious/vulgar push notifications when visiting your website: […]

Zabezpieczenia WordPress – Kompletny przewodnik dla Rock Solid WP Security [w zestawie bezpłatna wtyczka]

https://www.getastra.com/blog/cms/wordpress-security/przewodnik-bezpieczenstwa-wordpress/

Będąc wykorzystywanym przez jedną trzecią wszystkich stron internetowych, WordPress zawsze przyciąga uwagę hakerów. W ostatnich latach zasięg ataków na WordPress jest alarmujący i wymaga działania. Pomimo ataków WordPress Security jest wciąż bardzo źle rozumianą i niedocenianą koncepcją. Właściciele witryn uważają, że wygodniej jest je przeoczyć.  Jednak w wyniku tych exploitów wiele osób pogodzi się z potrzebą aktualizacji swoich standardów bezpieczeństwa WordPress. Ale często na morzu decydują, które praktyki bezpieczeństwa są uzasadnione, a jakie nie. Nie martw się! Przeprowadziliśmy dla Ciebie badania. W tym artykule znajdziesz pełną listę niezbędnych i możliwych do zastosowania środków bezpieczeństwa WordPress dla Twojej witryny. Co więcej, […]

WordPress Core Merge Makes Plugin & Theme Updates Automatic

https://www.getastra.com/blog/cms/wordpress-security/wordpress-plugin-theme-updates-automatic/

When the context is about security, we know how crucial it is to regularly update WordPress installations. The average WordPress website is attacked by malware 44 times a day. From weak plug-ins to insecure themes, anything could give a chance to a malware to infect your CMS. Keeping in mind the plight of the webmasters, WordPress has announced that the auto-updates feature of themes and plugins is ready for a core merge. Currently, auto-updating is accessible only for core WordPress CMS. The stable version v5.5 would enable the features of WordPress theme & plugin auto-update.  What is the need of […]

WordPress Core Merge Makes Plugin & Theme Updates Automatic

https://www.getastra.com/blog/cms/wordpress-security/wordpress-plugin-theme-auto-updates/

When the context is about security, we know how crucial it is to regularly update WordPress installations. The average WordPress website is attacked by malware 44 times a day. From weak plug-ins to insecure themes, anything could give a chance to a malware to infect your CMS. Keeping in mind the plight of the webmasters, WordPress has announced that the auto-updates feature of themes and plugins is ready for a core merge. Currently, auto-updating is accessible only for core WordPress CMS. The stable version v5.5 would enable the features of WordPress theme & plugin auto-update.  What is the need of […]

WordPress Redirect Hack – Correction des redirections de spam dans WordPress

https://www.getastra.com/blog/911/redirection-piratee-wordpress/

Votre site Web WordPress redirige-t-il les utilisateurs vers des sites inconnus et non sécurisés? Si oui, votre site Web pourrait être piraté . De telles attaques de redirection piratées WordPress sont assez courantes lorsque le malware redirige les visiteurs d’un …

Google Showing Japanese Keywords For Your Website – Fixing Japanese Keyword Hack

https://www.getastra.com/blog/911/japanese-keyword-hack/

Many website owners have contacted us worried about Japanese SEO Spam or Japanese Keyword Hack. In a Japanese keyword hack, auto generated Japanese text starts to appear on your site. This particular Blackhat SEO technique hijacks Google search results by …

XSS Vulnerability found in WPForms Plugin < 1.5.9 – Update immediately

https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-wpforms-plugin/

WPForms Plugin version 1.5.8.2 and below were found to be vulnerable to authenticated stored XSS while I was auditing the plugin. WPForms version 1.5.9 with improved data sanitization was released on March 5, 2020. Summary WPForms is a popular WordPress …