PPMWP 2.4.0: New feature to block users with failed login attempts & other updates

https://www.wpwhitesecurity.com/ppmwp-2-4-0/

Today we are happy to announce Password Policy Manager update 2.4.0. This exciting release features the much anticipated new feature to block users which have failed login attempts as well as other updates and improvements. Let’s dive right in to see what is new and improved in this latest update of our Password Policy Manager plugin for WordPress. Block users with multiple failed login attempts By default, WordPress allows users to try to log in as many times as they want. This functionality is often exploited – attackers use easily available automated tools to launch dictionary attacks and guess your […]

What is the best way to backup a WordPress website?

https://www.wpwhitesecurity.com/wordpress-backup/

If you’re asking what is the best way to backup a WordPress website, then you’ve made a good start. That means you know backing up your WordPress website or blog is necessary. You just want to know which option works best for you. We’re here to help you answer the question. In this blog post, we explain why backups are a neglected but vital aspect of your WordPress website security and maintenance routine. First, we outline the detrimental effects of neglecting to establish a secure backup system and what you stand to lose. But before you rush to solve this […]

Can your WordPress website users damage your business?

https://www.wpwhitesecurity.com/wordpress-website-users-threats/

Can your employees be a threat? Yes, quite possibly, but in the main unwittingly. I wrote recently on the statistics which highlight the biggest source of WordPress vulnerabilities. However, another sizeable constituent part of your infrastructure is equally vulnerable, if not more so, and which we all too often overlook – our users – who are being targeted directly by the bad actors out there. Table of contents Lessons we can learn from the CIA Why the attacks? What are they after? From where, and how are they gaining access? What can I do about all this? What can we […]

Join us for free at the biggest online summit in the WordPress space

https://www.wpwhitesecurity.com/atarim-summit-2021/

This past year has been a rollercoaster of emotions for many of us. Some were thriving while others were barely surviving. One takeaway we can be proud of as a community is how most of us had to be even more creative than usual to get through 2020… With long hours, a lot of stress & uncertainty within our businesses. To have a better 2021 for you and your agency, keep learning and investing in yourself to ensure any situation that’s thrown your way can be dealt with, swiftly and with much less stress. That’s why this year, we are […]

How to manually backup your WordPress website without a plugin

https://www.wpwhitesecurity.com/manual-wordpress-backup-without-plugin/

It’s important to understand the most fundamental WordPress tasks when running your site. Security, of course, should be one of your primary considerations. Creating a manual WordPress backup should also be in your toolbox. You should use a dedicated backup plugin or online service to automatically back up your website. However, by knowing how to manually backup your website you’ll get a better understanding on how your website works. Also, the manual approach can save your bacon if you for example can’t access your WordPress dashboard or online service. Accidents happen, so as such, it’s a good method to learn. […]

How to clean a hacked WordPress website or blog

https://www.wpwhitesecurity.com/clean-hacked-wordpress-website-blog/

Whether your WordPress website has been hacked and you’re currently in damage control, or whether you’re preparing for the worst, this article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step-by-step format to help you accomplish the following: Gain back control of your WordPress website Identify the likely source of the infection Find the infection & malicious code Remove any malware, backdoors and web shells Remove your domain from any malware lists such as the Google Safe Browsing database Prevent a recurrence Is your hacked WordPress website […]

How to choose the best WordPress web hosting provider

https://www.wpwhitesecurity.com/best-wordpress-hosting/

You’re searching the web for information on how to choose the best WordPress web hosting service, right? You’re determined that your website host will help search engines prioritize your website above other slower, less reliable and less secure websites. But, how do you decide? This blog post defines the four main types of WordPress web hosting – with easy to digest merits and limitations for each. It also sets out the important, optional extras offered by the higher ranking WordPress web hosting providers. After reading our analysis, you’ll be in a great position to decide on which type of web […]

WordPress HTTPS, SSL & TLS – a guide for website administrators

https://www.wpwhitesecurity.com/ssl-tls-https-guide-wordpress-administrators/

When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen. However, HTTP traffic has a problem; it is a plaintext protocol. This makes it susceptible to snooping and meddling. If an attacker is on the same network as you they can intercept and read your HTTP traffic. They may also modify both your requests to the server, as well as the server’s responses back to you. This is known as a Man-in-the-Middle […]

WordPress security & hardening, the definitive guide

https://www.wpwhitesecurity.com/wordpress-security/

WordPress is massively popular. Around every one in five sites on the Internet uses WordPress in some form. Be that to run a humble blog, or a multi-site Content Management System (CMS) or eCommerce site. As a result, it is no surprise that WordPress websites are a very popular target for both experienced hackers and script-kiddies alike. The last thing any webmaster wants is to find out that their website has been hacked; maybe taken hostage and is part of a botnet, spreading malware, or partaking in Denial of Service (DoS) attacks. In this article we’ll be sharing a number […]

Password Policy Manager 2.3.4: improved plugin interoperability & bug fixes

https://www.wpwhitesecurity.com/ppmwp-2-3-4/

Today we are in the third week of 2021, and we are happy to announce the third plugin update of the year: Password Policy Manager 2.3.4. This update features better interoperability with third party plugins, a few minor improvements, and a number of bug fixes. Let’s dive right into the below highlight to see what is improved and fixed in this update of our WordPress password security plugin: improved the support for post-login redirect plugins such as Peter’s Login Redirect. fixed an issue in which users with an expired password could still access the dashboard, in some cases. updated a […]