Security Weekly

Weekly website security lessons brought to you by The Admin Bar in partnership with Patchstack

Week 13

WordPress Plugins Security Vulnerability Disclosures

There have been a lot of discussions about how plugin developers should communicate security fixes to users. In the past, it has been their decision to choose whether they want to …

Week 12

WordPress Security Compliance & Regulations

Security compliance and regulations are topics that are not often discussed in the context of WordPress, but this is going to change significantly in the coming years. GDPR was one of the …

Week 11

Who should take the responsibility of WordPress security?

Whenever most people discuss WordPress security, the conversation typically revolves around which security solutions to use, where to host the website, and how to keep it secure. Something that often seems missing …

Week 10

Most Common WordPress Security Misconceptions

As we’ve covered the basics of WordPress security, it’s time to address some common myths and misconceptions. The internet is brimming with SEO content offering various security tips. While some advice is …

Week 9

WordPress Security on Application Layer

Once you have your server ready, you’ll need to set up the application that you wish to host there. In our case, this application is WordPress and all of the different …

Week 8

WordPress Security on Server Layer

Last week we talked about WordPress security on the network layer (with Cloudflare as an example). This week, we’ll look into what will happen once the traffic gets passed to the server. …

Week 7b

WordPress Security on the Network Layer

In the last post, we covered different layers of the WordPress attack surface. Security should always be applied on multiple layers. Today, we will be covering what you can (and should) do …

Week 6

How to map the WordPress attack surface?

Before you can start setting up any security measures, you should have a clear understanding of where security is even needed. To do that, you’ll first need to start mapping your attack surface. …

Week 5

Consider yourself hacked

We now know why the hackers are after websites and how they are targeting them (if you missed this, check out the previous episodes). You’ve probably also noticed that I’ve intentionally avoided …

Week 4

How do WordPress sites get hacked? (Part 3)

In the past 2 issues, we’ve talked about the different ways websites are taken over by compromising privileged accounts and by exploiting security vulnerabilities in the WordPress core, plugins and themes. Sometimes …

Week 3

How WordPress sites get hacked? (Part 2)

Last week, we covered the different methods hackers use to compromise WordPress websites by taking over administrator accounts. This week, we’ll cover the second most common attack vector (which in some months …

Week 2

How do WordPress sites get hacked? (Part 1)

Last week we talked about what motivates cyber criminals to automate attacks against websites to gain unauthorised access. Now, as we know what their motivations are, let’s look into how they do …