We will explain five blind spots that are more dangerous for WordPress operators who think they have security measures in place.
Category: WordPress Security Page 1/18
We will explain why nulled (illegally distributed) WordPress themes/plugins are dangerous.
People say it’s dangerous not to update your WordPress… I’ll explain exactly what happens if you don’t update your WordPress.
This section explains how to exclude WordPress CSP settings from the admin screen.
This section explains how to exclude wp-admin from the CSP settings in WordPress. The CSP content security policy setting causes various problems in the wordpress admin. CSP is a setting that allows the browser to load various external javascripts and styles, but the WordPress ad
After WordPress has been tampered with, we explain why backups are dangerous.
If default-src and script-src in the CSP Content Security Policy are set at the same time, this section explains which has priority.
Hackers may install malicious plugins (wp-cleansong, wp-cache, optimize-core, system.php, etc.) once they have successfully infiltrated a WordPress site. This section describes how to deal with the installation of such unauthorized plug-ins.
This section explains the precautions to be taken when using multiple security plug-ins together in WordPress.
Converting WordPress to SSL and setting up a CSP (Content Security Policy) does not prevent hacking. We will explain the reasons for this.
We will explain why “‘unused plugins’ are an attack vector in WordPress – the difference between removal vs. disabling.
We will explain 7 important WordPress security operation policies that the production company won’t tell you about, and that you must follow after delivery.
I would like to explain whether or not it is better to put wp-config.php under a different name or in a different directory, and how to do this.
We have compiled a list of the six most targeted WordPress plugin vulnerabilities in recent years. If you have any of these plugins installed on your site (enabled or disabled), we recommend that you update to the latest version or remove them if you are not using them.
We will explain the operational design to reduce the reinfection rate after WordPress malware removal.
This presentation will explain how to automate WordPress malware and vulnerability detection and email notification.
Our thoughts on meaningful and not-so-meaningful security measures in WordPress will be explained.
Recently, we have received several requests to remove malware that executes malicious code written to the clipboard with a fake capture, and there is a possibility that this type of malware is spreading. Here is what we know about this malware.
