Tag: core

Ask a Security Professional: WordPress Database Security Part One — Anatomy of WordPress

For most people the year is still just getting started, but for some website owners the year has already packed quite a punch in the form of website attacks. This month hackers exploiting a vulnerability in the WordPress REST API successfully defaced over a million websites in what has become one of the largest website defacement campaigns to date. The attacks injected content that overwrote existing posts on WordPress websites running versions 4.7 and 4.7.1, leaving website owners with an immeasurable number of “Hacked by” posts across the droves of impacted websites.WordPress REST API

Many website owners who have unfortunately found themselves in the proverbial trenches of a digital battlefront, some of which had at least some security measures, are facing a difficult data recovery situation. It is from these recent events that the next Ask a Security Professional question was crafted; How can I better protect my data?

I feel that it’s important to fully understand what the problem is in order to best understand what forms a solution can take. In Part One of #AskSecPro we’ll cover an introduction to some of the infrastructure behind WordPress. Let’s start at the beginning.

Read More

Introducing SiteLock Platform Scan for WordPress

As part of ongoing efforts to better protect websites running WordPress, this week SiteLock implemented a new feature exclusively for our WordPress customers, called SiteLock Platform Scan for WordPress. Going forward, customers using WordPress on their website will receive a scan that checks for known vulnerabilities in their WordPress plugins, themes and core install.

Read More