WordPress outputs user login IDs and ID numbers in JSON. Although this is a specification, it may make your site more vulnerable to hackers for security reasons.
Tag: WordPress plugin Page 3/12
User 123@abc.com, which you don’t remember creating in WordPress, is an admin user that hackers add illegally.
Here’s what to do when spam comments don’t stop spamming URLs and links in WordPress.
You can improve security by preventing the execution of PHP programs in the upload folder of WordPress uploaded images and other folders that contain only static files outside of WordPress.
A case of a fake WordPress vulnerability patch being distributed has been uncovered. This fake security patch is malware, and there are currently reported cases of emails to WordPress administrators containing links to this malware.
More than 90% of WordPress malware has obfuscated PHP programs. This article describes the obfuscation process.
It is dangerous to run a WordPress site and think that it will not be targeted because of low traffic. We will explain why low traffic does not necessarily mean that your site will not be hacked.
A vulnerability in tagDiv Composer, a plugin included with the WordPress Newspaper theme, has been discovered that allows the database to be rewritten.
We have been consulted about a new type of malware that hooks the search results of site searches in WordPress to search engines, and here is a case study of it.
We will introduce the strongest file write permissions (permissions) to prevent malware infection in cases such as repeated malware infections in WordPress.
This section explains how site operators can deal with a red screen on a WordPress site that says “This site may cause damage to your computer.
Recently there has been an increase in WordPress malware that displays a fake browser update page. We will explain this malware.
This section explains the causes and countermeasures for images not displaying, menus (animated child menus) not displaying, and layout collapsing due to style sheet loading failure after SSL conversion.
Here are some characteristics of malware files that can infect WordPress. If such a file is found on the server, it is most likely malware.
We are pleased to announce the release of our new free service “Online Malware Scanner” on WordPress Doctor.
We will explain about Japanese SEO Spam, which is a malware that embeds fake Japanese product sites in WordPress.
Recently, there have been an increasing number of cases of malware that direct users to a new type of fake login page. We will explain this malware.
We recently received a question about allow_url_fopen on WordPress Doctor. We believe that there is little point in turning off allow_url_fopen on WordPress Doctor for security reasons. I would like to explain the reason for this.
