Tutorials

WordPress powers a lot of websites on the Internet. So it's no surprise that seasoned attackers and “script-kiddies” like to target WordPress websites. Whether you're a webmaster, or a security professional, when tasked with assessing the security posture of a WordPress website, it tends to help to be aware of common security pitfalls attackers typically take advantage of. It is also important to use the right penetration testing tools.

In this article, I'll be covering a [...]

On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Security Audit Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”.

We submitted a fix on Friday, 28th February 2020, at 4:08PM. It only took us 16.5 hours to release the fix. We would have fixed the issue much earlier if this happened during our normal working hours (we are based in Europe), because [...]

Password Policy Manager for WordPress 2.1 is out today! In this plugin update we added a new policy to disable dormant users, support for post login redirect plugins, and several other improvements. This post highlights all that is new and improved in the latest version of Password Policy Manager for WordPress.

The dormant WordPress users policy

The dormant users policy is an additional layer of security on top of the password expiry policy. Users are marked [...]

When you add images to your WordPress blog, you can transform your website into something aesthetically pleasing. According to statistics, blogs with images receive 94% more views. Whether you have been working on WordPress for while, or you are new to it, you might have faced various errors related to images. It can be any type […] [...]

There's plenty you need to do to ensure your e-commerce store offers the best possible User Experience (UX). This means keeping WordPress and all other software up-to-date, optimizing your store, and of course, ensuring it's safe to use and secure.

By safe to use, we mean making your best to protecting your customer's data. Also making sure nobody besides you or your team has access to your store's back end. For example, choosing the right web [...]

Whenever you implement a security measure, you should also have some sort of fallback. You do not want to be compromised by the failure of a single component. This is known as defense in depth.

When you manage a WordPress website, one of the most important aspects of security is authentication, a.k.a. how you login to your website. One of the ways to improve the defence in depth of your WordPress login mechanism is to implement [...]

So you put in a lot of time and effort to create an awesome piece of content in WordPress. Unfortunately, as you add more articles, your masterpiece drops down in the list of blog posts. Looking to pin one of your posts on the top of your blog? In this tutorial, we are going to […] [...]

Recently, a friend inquired about the easiest option to hide a featured image from an individual post in WordPress. I had heard of the plugin “Hide Featured Image” so I asked him to try it out. Unfortunately for him, the plugin didn't work… Why ? It was last updated more than 2 years ago and […] [...]