It’s no secret that websites face a barrage of attacks daily, up to 50 on average. But whose job is it to secure websites against those daily threats? Recent SiteLock survey data shows that nearly half (45%) of website owners believe that their web host is responsible for keeping their website secure. Nothing could be further from the truth.
Page 16 of 71
Last week WordPress released version 4.9.7, a maintenance and security update. This update addresses a recently discovered security vulnerability, as well as 17 additional bug fixes. WordPress disclosed that versions 4.9.6 and earlier are affected by a security vulnerability that to delete files outside of the /wp-content/uploads directory. This could potentially allow users created by malware to delete files necessary to the core functionality of WordPress.
Nowadays, it’s easier than ever before to get an SSL certificate for your site. Virtually all managed hosts offer it right from the dashboard, some even providing a free SSL certificate, so check with your host before looking into third-party certificates. If they don’t offer a free one, they may still sell and offer configuration of third party SSL certificates. But as with most other things, the price and complexity of configuration depends on your specific use case. In this article we take a look at the types of SSL certificates that are out there, so you can decide what is right for you.
Hot on the heels of the major cyberattack on Ticketfly comes the news of a breach affecting Ticketmaster UK. Impacting customers who purchased concert tickets in the UK, it was reported that malware was found in the website’s third party customer chat client. The malware flew under the radar for months, accessing credit card and personal information of 40,000 victims between September 2017 and June 2018. Stealthy malware is just one of many topics featured in Q1 2018 edition of the SiteLock Website Security Insider – our hosts cover some of the highlights of the report.
Recently, ServerPress released a huge update to their DesktopServer local development environment software: Native support for SSL and PHP7. Next week, look for an interview with ServerPress partner Marc Benzakein on these features and the journey of building this highly anticipated release.
Now, let’s take a closer look at SSL and HTTPS to understand why this was such an important feature to support, and why you should have HTTPS enabled on your website no matter your CMS or business case.
Did you know websites experience around 50 attacks per day on average? Not to mention, 18.5 million websites on the internet are potentially infected with malware at any given moment. Whether you run a personal website, a blog, or a small business, cybersecurity may not be high on your priority list due to limited time and budget. With all that being said, it’s important to protect your website from malware attacks, and the good news is—it can be easy and affordable.
We continue to hear about cyberattacks and data breaches around the world. Last week, the European retailer, Dixons Carphone, admitted to a huge data breach involving 5.9 million credit cards and 1.2 million personal data records. Meanwhile in the United States, net neutrality has officially been repealed. The rules that required internet service providers to offer equal access to all web content are no longer in effect as of June 11, 2018.
Last week at WordCamp OC, I gave a talk on Security for WooCommerce sites. As ecommerce sites are much more complex and typically handle sensitive data through digital payment transactions, there are a lot more points of potential security breach. The same goes for GDPR compliance: all of these extra information processing steps must be vetted and checked for security, transparency in responsible data handling and opt-ins to collection.
This article will walk you through the extra steps you must take to ensure GDPR compliance for your WooCommerce website.
When you’re busy managing your website, it helps to have a security expert on your side should you ever run into trouble. That’s where SiteLock Expert Services comes in. Expert Services is our team of trained security engineers who manually find and fix malware, vulnerabilities, and other security issues quickly. They partner with customers to help them through stressful and confusing situations, such as sophisticated cyberattacks and host suspensions. Their services are available a la carte or included with SiteLock INFINITY, so you’re always covered in the event of a cyberattack.