Author: Leon Wimmenhoeve

How to protect your WordPress account

According to Forbes, at least 30.000 websites are hacked daily, with a WordPress market share of 40%, which means at least 12.000 WordPress sites get compromised daily. The two leading causes of these hacks are vulnerable software and compromised accounts. Source Ensuring you are always running the latest version of WordPress and plugins and themes will prevent many of these hacks. Still, statistics suggest only about 50% of hacked WordPress sites were running outdated software. Taking into account that there

Leon Wimmenhoeve July 6, 2023

Number of reported WordPress Plugin & Theme vulnerabilities doubled in the first 6 months of 2023

We recently introduced vulnerability detection in Really Simple SSL and have been working on a database of vulnerabilities sourced from the open WordPress Vulnerability Database API project (https://www.wpvulnerability.com) since the beginning of 2023. We have been monitoring WordPress plugin and Theme vulnerabilities for years and have seen an increase in reported vulnerabilities yearly. Having access to detailed information in our own database enabled us to look closer into the details and numbers. We were surprised to find the number of

Leon Wimmenhoeve June 21, 2023

Vulnerability Detection for WordPress

WP Vulnerabilities – An open-source initiative WP Vulnerabilities is an open-source, free API by Javier Casares with contributions from other open-source, freely available databases and many manual hours from moderators and security officers from other plugins, including our own security officer. Really Simple SSL mirrors the free database with its own instance to secure stability and deliverability, but of course provides the origin database with an API to enrich, or improve its current data. An open-source platform, with an enormous

Leon Wimmenhoeve May 9, 2023

The Chrome lock icon deprecated in September 2023

The Chrome lock icon is on its way out. When Really Simple SSL started many years ago, more than 50% of the Chrome page loads did not use HTTPS. On a broader spectrum, the web was not encrypted by SSL/TLS for even less than that, topping a mere 14% in 2013. This year Chrome is expecting a stable coverage of 99% of page loads to be over HTTPS. But why is the lock being replaced? The padlock icon instills a

Leon Wimmenhoeve May 3, 2023

7.0.0-Beta Feedback

Instructions 7.0.0 wil be our next major release and will feature a simple approach to fending off and mitigating vulnerabilities in plugins,. themes and WordPress core. As you can expect from Really Simple SSL this has a simple configuration under settings, while the heavy lifting is done under the hood. In the best case scenario you will never find out what happens if a vulnerability is found, but if you want to try (safely) you can trigger some of Really

Leon Wimmenhoeve April 11, 2023

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular