Security Weekly

In the last post, we covered different layers of the WordPress attack surface. Security should always be applied on multiple layers. Today, we will be covering what you can (and should) do …

Before you can start setting up any security measures, you should have a clear understanding where security is even needed. To do that, you’ll first need to start mapping your attack surface. …

We now know why the hackers are after websites and how they are targeting them (if you missed this, check out the previous episodes). You’ve probably also noticed that I’ve intentionally avoided …

In the past 2 issues, we’ve talked about the different ways websites are taken over by compromising privileged accounts and by exploiting security vulnerabilities in the WordPress core, plugins and themes. Sometimes …

Last week, we covered the different methods hackers use to compromise WordPress websites by taking over administrator accounts. This week, we’ll cover the second most common attack vector (which in some months …

Last week we talked about what motivates cyber criminals to automate attacks against websites to gain unauthorised access. Now, as we know what their motivations are, let’s look into how they do …

Security within the WordPress ecosystem is something that has recently become as important as the website performance. In fact, security incidents may lead to the worst kind of performance issues, which can …