Security – Internet, WordPress, and otherwise

WP Briefing: Who Is WordPress?

WP Briefing: Who Is WordPress?

In this episode, Josepha explores the five groups within the WordPress ecosystem and provides a high-level example of how they interact and support one another. As always, stay tuned for the small list of big things and a contributor highlight.   Have a...

read more
Web Hosting Security in 2021 – Who’s Responsible Today?

Web Hosting Security in 2021 – Who’s Responsible Today?

I’ve been reading a number of rather aggressively toned discussions against various web hosts in forums over the past few months.I would like to take a bit of your time today to address some of the statements made against shared hosting companies and their...

read more
Vulnerabilities Patched in WP Page Builder

Vulnerabilities Patched in WP Page Builder

On February 15, 2021, the Wordfence Threat Intelligence team began the responsible disclosure process for several vulnerabilities in WP Page Builder, a plugin installed on over 10,000 sites. These vulnerabilities allowed any logged-in user, including subscribers, to...

read more
WordPress Vulnerability Report: April 2021, Part 1

WordPress Vulnerability Report: April 2021, Part 1

New WordPress plugin and vulnerabilities were disclosed during the first week of April. This post provides a report of recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The...

read more
Announcing activity logs for Gravity Forms

Announcing activity logs for Gravity Forms

Today we’re really excited to announce the new activity logs extension for Gravity Forms, which allows the plugin users to keep a log of what is happening in Gravity Forms. So, without wasting any more time, let’s dive right in. Activity logs for Gravity Forms Gravity...

read more
The Month in WordPress: March 2021

The Month in WordPress: March 2021

This way of iterating improves WordPress and ties back to one of my favorite open-source principles. The idea that with many eyes, all bugs are shallow. To me, that means that with enough people looking at a problem, someone is bound to be able to see the solution....

read more
Episode 111: PHP Git Repository Compromised

Episode 111: PHP Git Repository Compromised

The self-hosted Git repository for PHP was compromised, with attackers adding a backdoor to a development version of PHP 8.1. The intrusion was detected by the PHP community quickly, and no production environments were affected. Ubiquiti experienced an intrusion in...

read more
What is the best way to backup a WordPress website?

What is the best way to backup a WordPress website?

If you’re asking what is the best way to backup a WordPress website, then you’ve made a good start. That means you know backing up your WordPress website or blog is necessary. You just want to know which option works best for you. We’re here to help you answer the...

read more
WordPress Vulnerability Report: March 2021, Part 4

WordPress Vulnerability Report: March 2021, Part 4

New WordPress plugin and theme vulnerabilities were disclosed during the final week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress...

read more
PHP Compromised: What WordPress Users Need to Know

PHP Compromised: What WordPress Users Need to Know

Late Sunday night, on March 28, 2021, Nikita Popov, a core PHP committer, released a statement indicating that two malicious commits had been pushed to the php-src git repository. These commits were pushed to create a backdoor that would have effectively allowed...

read more
Disable Apache mod_rewrite Rules in any Subdirectory

Disable Apache mod_rewrite Rules in any Subdirectory

Let’s say you have some .htaccess rewrite rules in place using Apache’s mod_rewrite. By default if the rewrite rules are located in the root directory, they will be applied to every subdirectory, as expected. But what if you need to disable the rewrite rules so that...

read more
Two Vulnerabilities Patched in Facebook for WordPress Plugin

Two Vulnerabilities Patched in Facebook for WordPress Plugin

On December 22, 2020, our Threat Intelligence team responsibly disclosed a vulnerability in Facebook for WordPress, formerly known as Official Facebook Pixel, a WordPress plugin installed on over 500,000 sites. This flaw made it possible for unauthenticated attackers...

read more
Can your WordPress website users damage your business?

Can your WordPress website users damage your business?

Can your employees be a threat? Yes, quite possibly, but in the main unwittingly. I wrote recently on the statistics which highlight the biggest source of WordPress vulnerabilities. However, another sizeable constituent part of your infrastructure is equally...

read more
WordPress Vulnerability Report: March 2021, Part 3

WordPress Vulnerability Report: March 2021, Part 3

New WordPress plugin and theme vulnerabilities were disclosed during the third week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress...

read more
SecuPress v2.0 aka Python

SecuPress v2.0 aka Python

SecuPress 2.0 is here! As always, after a while without updating, this 2.0 is finally here. The goal of this version is to open the door to future versions 2.x because this change of major version number means that all the functionalities will be reviewed one by one...

read more

Get ALL Your SEO, WordPress & Divi News

Join Our Daily Roundup