Security

Sucuri’s latest announcement about the shell shock vulnerability says that millions of WordPress sites are at risk. Unlike the other cases, there is no plugin being exploited here. The culprit this time is the bash shell that is a part of every server. Bash is a command processor where users can type in commands and execute them….

Brute force attacks form a sizeable chunk of the attacks in the Internet today. In an attempt to crack login information, our WordPress sites are endlessly bombarded with login attempts. You can obtain more details about these failed login attempts such as the IP address from your logs. The next obvious step is to block…

If the thought of changing your admin username is scaring you, this article is meant for you. We’ll guide through all the details of changing your default admin username. The admin account is created by default whenever you install WordPress for the first time. This user will have all the administrative privileges to make any…

Security is the buzzword today. The number of discussion threads that are created everyday on various forums gives a clear indication of its significance. With the growing number of attacks on WordPress sites every year, there is no easy way of securing our sites. Security plugins emerge as a must have for improving WordPress security….

Security through obscurity is the most commonly used strategy to protect our WordPress sites from attacks. It is based on the belief that a system is secure as long as outsiders can’t find out details about its internal mechanism. Security through obscurity is achieved by hiding the important parts like login and admin pages, admin…

Login attacks form the bulk of brute force attacks on WordPress sites. So it’s no surprise that all the security plugins lay special focus on login security. It includes features like limited login attempts, lockout period, customized error messages and lastly, email alerts. An email alert is generated to notify you every time a user…

As WordPress site owners, securing our data is a top concern. We want to do everything in our capacity to protect our site, its visitors and our customers against any harm. Unfortunately, no matter how hard we try attacks still happen. Blame it on WordPress’ ever growing popularity! The number is only set to rise…

As WordPress site owners, securing our data is a top concern. We want to do everything in our capacity to protect our site, its visitors and our customers against any harm. Unfortunately, no matter how hard we try attacks still happen. Blame it on WordPress’ ever growing popularity! The number is only set to rise…

The security team at Sucuri recently discovered a vulnerability in the Custom Contact Forms plugin. The popular plugin with over a 6,00,000 downloads is widely used to customize contact forms. The vulnerability allows attackers to take control of your website, bypassing all authentication methods. If you have this plugin installed on your site with a…

Researchers recently uncovered a major XML vulnerability in WordPress that can take your website down. While most WordPress security issues in the past few years have revolved around issues in plugins and themes, this one lies at the core. The vulnerability is a classic case of the ever-popular denial of service (DoS) attack. In this…