Episode 92: WordPress Forced Security Autoupdate Protects Sites from Loginizer Vulnerability
An easily exploitable SQL injection vulnerability was discovered in the Loginizer plugin installed on over one million WordPress sites, causing the WordPress team to force an update to sites using the vulnerable version. The Justice Department is filing antitrust suit...
Password Security & Password Managers
In the spirit of National Cyber Security Awareness Month (NCSAM), let’s talk about a security basic that many people overlook: passwords. These are one of the most fundamental aspects of website security, yet we too often see webmasters taking a lax approach to secure...
R_Evil WordPress Hacktool & Malicious JavaScript Injections
We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for scanning tools to detect. However, sometimes entirely new attack tools are created and deployed by threat actors who don’t want to...
Fixed: ‘Sorry, You Are Not Allowed To Access This Page’ Error
Stuck trying to access a page on your WordPress site? You may have admin access but something is preventing you from viewing or making changes to a particular page. Finding out what that something is can be frustrating. And while you spend time resolving the...
A Quick Glance at Cross-Origin Resource Sharing Security Headers
Thanks to the rapid growth of JavaScript frameworks such as Angular, Vue, and React, CORS has become a popular word in the developer’s vocabulary. When requesting information from an external source such as an API (a pretty common practice for client-side JavaScript...
Top 10 WordPress Security Mistakes and How to Avoid Them
WordPress security mistakes are easy to make. The most common mistakes in your WordPress security can be based on outdated information, common WordPress security myths or just not knowing WordPress security best practices. While WordPress itself is secure, avoiding...
3 Ways To Fix ‘403 Forbidden Request Forbidden By Administrative Rules’
Forbidden from accessing your own WordPress website? It’s frustrating and most of the time, you’ll find yourself trying out a number of solutions that don’t work. This is because the causes and solutions for the 403 error differ based on various circumstances. In...WordPress 5.6 Beta 1
WordPress 5.6 Beta 1 is now available for testing! This software is still in development, so we recommend that you run this version on a test site. You can test the WordPress 5.6 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge...