How to prevent a brute force attack on XMLRPC.php in WordPress

How to prevent a brute force attack on XMLRPC.php in WordPress

This section explains how to prevent a brute force attack on XMLRPC.php in WordPress.

Read more

A case study of a WordPress malware infection that led to a lawsuit.

A case study of a WordPress malware infection that led to a lawsuit.

We would like to introduce a case in which malware infection led to a lawsuit by a client who requested us to investigate the status of malware infection.

Read more

What vulnerabilities should I be especially aware of in WordPress?

What vulnerabilities should I be especially aware of in WordPress?

We will explain the vulnerabilities that you should be especially aware of in WordPress.

Read more

Malware infecting index.php in any folder in wordpress

Malware infecting index.php in any folder in wordpress

There is an increasing amount of malware infecting index.php in every folder in WordPress. This malware will be explained.

Read more

What are the essential features of the WordPress security plugin?

What are the essential features of the WordPress security plugin?

This section describes the features that should be implemented in the WordPress security plugin.

Read more

WordPress upgrade.php and install.php leaking wordpress version issue

WordPress upgrade.php and install.php leaking wordpress version issue

This section describes the problem of wordpress upgrade.php and install.php leaking the wordpress version and how to deal with it.

Read more

Glossary of common vulnerability attacks in WordPress

Glossary of common vulnerability attacks in WordPress

This is a brief glossary of common vulnerability attacks on WordPress.

Read more

What to do if a user complains that a WordPress site sends them to another site.

What to do if a user complains that a WordPress site sends them to another site.

Here is what to do if a user complains that a WordPress site sends them to another site.

Read more

Malware "random string.js.php" cleverly disguised as a common program in WordPress

Malware “random string.js.php” cleverly disguised as a common program in WordPress

Malware infections are spreading in WordPress that cleverly disguise themselves as common programs.

Read more

Try to block vulnerabilities in WordPress plugins directly without updating them.

Try to block vulnerabilities in WordPress plugins directly without updating them.

We will explain how to directly edit plug-ins and other plug-ins to close vulnerabilities in WordPress plug-ins without updating the plug-ins.

Read more

Why does WordPress malware parasitize legitimate files?

Why does WordPress malware parasitize legitimate files?

Unlike common computer viruses, malware that infects WordPress often rewrites the legitimate WordPress core files to become a parasite. We will explain the reasons for this and how to deal with it.

Read more

What is cookie hijacking to steal cookies of logged in WordPress users?

What is cookie hijacking to steal cookies of logged in WordPress users?

Cookie hijacking, which is the theft of cookies from logged-in WordPress users, will be explained.

Read more

Malware that uses raw.githubusercontent.com to infect WordPress

Malware that uses raw.githubusercontent.com to infect WordPress

We will explain the malware (a malicious program that is embedded after a WordPress site is defaced) that uses raw.githubusercontent.com to infect WordPress.

Read more

Are there pages registered in Google Search Console that I don't remember creating?

Are there pages registered in Google Search Console that I don’t remember creating?

If a page you do not remember creating is registered in Google Search Console, it is possible that your WordPress site was infected with malware and generated a malicious page.

Read more

How to disable the standard search function in WordPress to return a 404 page

How to disable the standard search function in WordPress to return a 404 page

This section explains how to disable WordPress’ standard search function and return a 404 page.

Read more

How do I completely hide my WordPress admin ID (login ID)?

How do I completely hide my WordPress admin ID (login ID)?

WordPress is a CMS that basically does not hide the user ID = login ID. This means that a hacker attempting to gain unauthorized access to the site can log in as long as they know the password. We will explain how to completely hide your WordPress administrator ID.

Read more

Vulnerability in WordPress Plugin LiteSpeed Cache Affects 5 Million Sites

Vulnerability in WordPress Plugin LiteSpeed Cache Affects 5 Million Sites

A vulnerability affecting 5 million sites has been discovered in the popular WordPress cache plugin LiteSpeed Cache 6.3.0.1 and below. We recommend updating as soon as possible.

Read more

Fake Plugin Installations Spreading in WordPress Super Socialat

Fake Plugin Installations Spreading in WordPress Super Socialat

This section describes the installation of a fake plugin Super Socialat spreading in WordPress.

Read more

Page 1/14