Maintenance
How To Change The Database Prefix On Your WordPress Site
As new site owners, navigating your way through the world of website security can be daunting. A pervasive notion across numerous articles online is that changing your database prefix is a smart security measure. But, what does it mean to change the default prefix? Can it crash your site? Why should you do it? As […]
Read More
HTTPS Protocol: What is the Default Port for SSL & Common TCP Ports
SSL port numbers serve as communication endpoints for transmitting or receiving data. One of the primary functions of these ports is to establish a secure connection between a web page and a website hosting server or the CDN/WAF that might sit in front of it. These add an extra layer of security by leveraging either […]
Read More
2 Ways to Get WordPress Error Logs
When it comes to troubleshooting issues on your WordPress site, WordPress error logs are a godsend. Logs are snapshots about issues on your site, showing verbose error messages so you can resolve them easily. WordPress sites are not set up to log error information by default. However, certain web hosts do enable logging on their […]
Read More
How to Disable the File Editor on WordPress
Disabling file editing in your WordPress admin panel is a simple but effective way to minimize the effect of a security breach. WordPress has always prioritized giving site admins control over their site…including security. But, if you’re not a developer, you’ll need to do your research and create a WordPress security checklist that lists the […]
Read More
WordPress Vulnerability & Patch Roundup November 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
Read More
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 13, 2023 to November 19, 2023)
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 126 vulnerabilities disclosed in 102 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 37 […]
Read More
Several Critical Vulnerabilities including Privilege Escalation, Authentication Bypass, and More Patched in UserPro WordPress Plugin
On May 1, 2023, the Wordfence Threat Intelligence team began the responsible disclosure process for multiple high and critical severity vulnerabilities we discovered in Kirotech’s UserPro plugin, which is actively installed on more than 20,000 WordPress websites. Wordfence Premium, Wordfence Care, and Wordfence Response users received several firewall rules to protect against any exploits targeting these vulnerabilities […]
Read More
How to Disable Directory Browsing in WordPress
WordPress has many features, like directory browsing, that can be very helpful to developers. But, what is good for the goose—the good developer—- is also good for the gander— – the hackers. This is why it’s important to have a WordPress security checklist of measures to take to protect your site. Disabling directory browsing is […]
Read More
13 Best WordPress Malware Scanner Plugins (Compared)
Protecting your WordPress site from non-stop malware threats can be tough. It’s even harder when your current scanner misses some malware on sites that are clearly hacked. If you’re on shared hosting, you face even more risk because these servers are often an easy target. And if all that wasn’t enough, most web hosts don’t […]
Read More