WordPress Vulnerability Roundup: May 2020, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-may-2020-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of May, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. New WordPress plugin and theme vulnerabilities were disclosed during the second half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on […]

WordPress Vulnerability Roundup: March 2020, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-march-2020-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of March, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into four different categories: WordPress core WordPress plugins WordPress themes WordPress Core Vulnerabilities There haven’t been any disclosed WordPress vulnerabilities in 2020. WordPress Plugin Vulnerabilities Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested […]

WordPress Vulnerability Roundup: May 2020, Part 1

https://ithemes.com/wordpress-vulnerability-roundup-may-2020-part-1/

New WordPress plugin and theme vulnerabilities were disclosed during the first half of May, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. New WordPress plugin and theme vulnerabilities were disclosed during the second half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on […]

World Password Day 2020: Let’s Increase Your Password Security

https://ithemes.com/world-password-day-2020-lets-increase-your-password-security/

Today is World Password Day and we wanted to share some resources you can use to review your password security. World Password Day reminds us of the importance of having a solid password strategy for all your online accounts. These resources apply to password security in general but also specifically for WordPress websites. Here’s a quick WordPress password quiz: 1. Have you used the password again someplace else, for a separate account? 2. Are you using “admin” as your WordPress username? 3. Is your password a dictionary word? 4. Have you shared your password with anyone else? 5. Does your […]

WordPress Vulnerability Roundup: April 2020, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-april-2020-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into four different categories: WordPress core WordPress plugins WordPress themes Each vulnerability will have a threat rating of Low, Medium, High, or Critical. WordPress Core Vulnerabilities There haven’t been any disclosed WordPress vulnerabilities in 2020. WordPress Plugin Vulnerabilities Several new WordPress plugin vulnerabilities […]

WordPress Vulnerability Roundup: April 2020, Part 1

https://ithemes.com/wordpress-vulnerability-roundup-april-2020-part-1/

New WordPress plugin and theme vulnerabilities were disclosed during the first half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into four different categories: WordPress core WordPress plugins WordPress themes WordPress Core Vulnerabilities There haven’t been any disclosed WordPress vulnerabilities in 2020. WordPress Plugin Vulnerabilities Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested […]

WordPress Vulnerability Roundup: March 2020, Part 1

https://ithemes.com/wordpress-vulnerability-roundup-march-2020-part-1/

New WordPress plugin and theme vulnerabilities were disclosed during the first half of March, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into four different categories: WordPress core WordPress plugins WordPress themes WordPress Core Vulnerabilities There haven’t been any disclosed WordPress vulnerabilities in 2020. WordPress Plugin Vulnerabilities Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested […]

7 WordPress Security Best Practices

https://ithemes.com/7-wordpress-security-best-practices/

As hacks and security breaches become more of a concern for anyone running a WordPress website, it’s important to know you can drastically improve your security by using a few WordPress security best practices. If you don’t already have a WordPress security strategy in place, this post will help you understand seven ways you can secure and protect your WordPress website. WordPress Security Best Practices 1. Use a strong password with the help of a password manager. 2. Two-Factor ALL THE THINGS. 3. Regularly change your WordPress salts. 4. Use secure file permissions. 5. Use sFTP whenever possible. 6. Use […]

Combat WordPress Brute Force Attacks with the iThemes Brute Force Protection Network – Free in iThemes Security

https://ithemes.com/combat-wordpress-brute-force-attacks-ithemes-brute-force-protection-network-free-ithemes-security/

A new way to combat WordPress Brute Force Attacks just arrived with the new iThemes Brute Force Protection Network. This new brute force protection setting is available in the latest version of iThemes Security — free to download on the WordPress.org Plugin Directory. Understanding Brute Force Attacks Unlike hacks that focus on vulnerabilities in software, brute force attacks exploit the simplest method of gaining access to a site: by trying usernames and passwords, over and over again, until it gets in. If one had unlimited time and wanted to try an unlimited number of password combinations to get into your site they […]

New One-Click WordPress Security Check in iThemes Security

https://ithemes.com/one-click-secure-site-wordpress-security-check/

The latest version of iThemes Security Pro (6.4.2) & iThemes Security Free (7.6.1) includes a new “one-click” WordPress Security Check for your WordPress site. The Security Check feature is designed to help save you time and ensure your site is using the recommended security settings. Features/Settings Enabled by Security Check With just one click of the “Secure Site” button, iThemes Security will enable and configure all the recommended security features and settings within the plugin. This table lists out the feature/setting and the benefits activated by the Security Check. Feature/Setting Benefit Banned Users Blocks specific IP addresses and user agents […]