In this engaging video Kathy Zant and Thomas Raef have a discussion about the theft of session cookies, which is becoming more prevalent, and what you can do about it.
CSI WordPress Edition
Kathy Zant @ youtube.com • 1 year ago
Kathy Zant @ youtube.com • 1 year ago
In this engaging video Kathy Zant and Thomas Raef have a discussion about the theft of session cookies, which is becoming more prevalent, and what you can do about it.
Sarah Gooding @ wptavern.com • 1 year ago
The LiteSpeed Cache plugin had a security issue that has been patched. Update if you haven’t already.
Jb Audras @ wordpress.org • 1 year ago
WordPress 6.3.2 is a security and maintenance release and is rolling out now.
Thomas Raef @ wewatchyourwebsite.com • 1 year ago
Yikes, this is scary. Thomas J. Raef reports that WordPress management consoles such as ManageWP, WPUmbrella, and MainWP have been used to compromise connected child sites. It seems the exact way the parent sites are being compromised is not certain, but possibly from site admins using open WiFi networks. There isn’t an indication that ManageWP, WPUmbrella, or MainWP themselves have been hacked.
Sarah Gooding @ wptavern.com • 1 year ago
WordPress.org now supports various options for Two Factor Authentication for account access. This seems long overdue and it is good to see it being implemented.
thomas raef @ wpbuilds.com • 1 year ago
This is an interesting interview with Thomas J. Raef on protecting your website and the state of WordPress security. Great interview. Very clear discussion.
Ram Gall @ wordfence.com • 1 year ago
Recently there have been headlines that malware scanners are worthless. WordFence published an article describing how they see malware scanners as part of a layered approach to security and they also discussed their new command line scanning option.
Akshat Choudhary @ wpbuilds.com • 1 year ago
Part 2 of the WP Builds interview series on WordPress security. This interview is with Akshat Choudhary, the founder of BlogVault and MalCare.
Josh Escobedo @ liquidweb.com • 1 year ago
Just like your WordPress site, if you are using a VPS then it is necessary to lock it down and keep it updated.