Category: WordPress Security
Suspected bots causing 404 errors
You might have received the following notice in your Really Simple SSL Dashboard about suspected bots triggering large numbers of “404 Not Found” errors on your site: This article explains why the plugin has built-in detection for large amounts of 404 pages being triggered, and the reasons why these are unlikely to be triggered by legitimate (human) visitors; but rather by bots. Finally, we will cover how to configure the Firewall in Really Simple SSL Pro to block bots that
About File Change Detection
The File Change Detection feature (located under SSL & Security -> “Settings” -> Hardening -> File Change Detection) enables a daily scan to monitor if any changes have been made to files in WordPress Core, or files from Plugins or Themes on your site. If files are being modified without performing any updates, and without manually having modified those files via FTP this could indicate that your WordPress installation was infected by malware that targeted & modified those files on your server.
About Login Authentication and 2FA
Really Simple Security offers two distinct approaches to Login Protection: Two-Factor Authentication (2FA) adds an extra security layer by requiring users to verify their identity with a second step after entering their password. Even if an attacker obtains a password, they would still need this second factor to gain access. Email verification: A verification code is sent to the user’s email address. Pros: easy to use, no need to install additional apps Cons: if the user’s e-mail address is compromised,
About File Permission Detection
All files and directories on your webserver have permissions which determine who can read, write, modify and access them. Files and directories should not have more permissions than they require; as unnecessarily elevated permissions might leave your site vulnerable to attack. Configuring appropriate permissions significantly reduces the risk of unauthorized access to your WordPress files and folders. Really Simple SSL Pro (since version 8.2.0) introduces the File Permission Detection feature, available under Settings -> SSL & Security -> “Settings” (top
About Region Restrictions
In some cases, you might want to restrict access to your site from certain regions. There are several reasons for doing so; such as complying with (privacy) regulations, or to ensure that content can only be viewed by a desired audience. And then there’s the security aspect to consider, as malicious actors often launch attacks from specific geographic regions. Blocking access from these regions helps to protect against targeted attacks originating from specific geographic areas. Really Simple SSL Pro (8.2)