This entry was posted in Wordfence on June 18, 2019 by Dan Moen 4 Replies
In February we launched Wordfence Central, an efficient way to manage the security of many WordPress sites in one place. If you have multiple sites and haven’t checked it out yet, you should. It includes a powerful dashboard, a single interface to view and manage security findings across all of your sites and robust new …
Read More
This entry was posted in Wordfence, WordPress Security on May 14, 2019 by Dan Moen 23 Replies
Spend any time looking at blocked attacks in Wordfence Live Traffic and you’ll walk away worried about login security. WordPress sites are under constant attack by bots attempting to guess your users’ passwords. A lot of these attacks simply test lists of commonly used passwords along with usernames they think you may have chosen, like …
Read More
This entry was posted in Podcasts on May 10, 2019 by Dan Moen 0 Replies
Today we’ve published episode 11 of Think Like a Hacker. As we mentioned earlier in the week, we’ve switched to a new format beginning this week, separating the news and our interview into two episodes. In today’s interview-focused episode we talk to Dave Ryan at WordCamp Orange County. Dave Ryan is an Interdisciplinary WordPress Developer …
Read More
This entry was posted in Vulnerabilities, WordPress Security on April 10, 2019 by Dan Moen 30 Replies
The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day. The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild. These …
Read More
This entry was posted in Wordfence on February 06, 2019 by Dan Moen 19 Replies
Over the last several months, we have been focused on making Wordfence a better option for organizations with a large number of WordPress sites to protect. To start, we added the ability to secure your staging and development environments with a single Wordfence premium license, something you should take advantage of if you haven’t already. …
Read More
This entry was posted in Wordfence, WordPress Security on January 22, 2019 by Dan Moen 13 Replies
If you’ve never taken a few minutes to look at the information available in the Wordfence Live Traffic feature, I strongly recommend it. It gives you a detailed look at what attackers are trying to do to break into your site, and how Wordfence is blocking them. For today’s post we analyzed all of the …
Read More
This entry was posted in WordPress Security on December 13, 2018 by Dan Moen 12 Replies
WordPress 5.0.1 was released Wednesday night, less than a week after the much anticipated release of WordPress 5.0. This security release fixes seven security vulnerabilities, a few of which are quite serious. Sites running versions in the 4.x branch of WordPress core are also impacted by some of the issues. WordPress 4.9.9 was released along …
Read More
This entry was posted in Wordfence, WordPress Security on October 18, 2018 by Dan Moen 6 Replies
In April, Wordfence sponsored WordCamp Atlanta and several of our team members attended the event. While there, we held a capture the flag (CTF) contest, which helps WordPress site owners learn to think like a hacker so that they can better defend their websites. Part of hacker culture is the art of lock picking, which …
Read More
This entry was posted in Wordfence on September 25, 2018 by Dan Moen 13 Replies
In August, most of our team attended DefCon, a hacker conference in Las Vegas attended by tens of thousands of security professionals. All of us work remotely, so it is always really special to spend time together as a team. While we were there we completed a fun project. We created a video with footage …
Read More
This entry was posted in Videos, WordPress Security on August 24, 2018 by Dan Moen 12 Replies
This year we’ve attended and sponsored quite a few WordCamps, and have had members of our team speak at some as well. If you haven’t attended one recently we highly recommend it. They’re a great opportunity to learn and connect with other members of the WordPress community. WPCampus Highlights While not strictly a WordCamp, in …
Read More