Category: WordPress Security
Login protection as essential security
The login page of your WordPress site is the gateway to your website’s back-end, which makes it an attractive target for a potential attacker to try gaining access to your site. Really Simple Security comes with a variety of settings that are specifically designed to protect User Accounts and the WordPress Login Page against various types of common threats. In this article, we’ll explain how you can use the plugin to considerably improve the protection of User Accounts and the
Why WordPress is (in)secure
WordPress is a free and open-source content management system (CMS) that leads the global market as the most used CMS. According to W3Techs, about ~43% of all websites run on WordPress; which includes those of some of the largest companies in the world. It boasts a large community of users and developers who actively contribute to the project, greatly benefiting the platform’s reliability and security. Still, you might occasionally hear that WordPress is perceived as a target for hackers, which
Staying ahead of vulnerabilities
There are many high quality plugins available on the WordPress Plugin Directory, offering a lot of flexibility to customize WordPress to your needs without having to write any code yourself. However, installing third-party plugins and themes also means that you’re trusting code from another developer to run on your website. And since even the best developer could accidentally introduce a security vulnerability; it’s impossible to rule out the possibility of a vulnerability being discovered in a plugin/theme that you use
Password has been found in a data breach
You might have encountered the following warning when trying to create a new account on a WordPress website, or when changing the password of an existing account: “Warning: This password has been found in (X) data breaches. Please choose a different password.” This message appears due to an active security measure on the website where you tried to register, which is designed to prevent accounts from being hacked due to the use of previously breached credentials. What does this warning mean?
Preventing the use of compromised passwords
Re-using passwords that have previously been breached poses a significant security risk to the accounts on your WordPress website. It might allow a hacker to perform a successful credential stuffing attack, whereby they attempt using previously breached usernames and passwords to gain access to accounts on various websites. Really Simple Security now offers a powerful compromised password check feature to protect you against these types of attacks. This setting prevents users from using passwords that had previously been exposed in