Category: WordPress Security

Implementing Content Security Policy (CSP) on WordPress

Implementing a Content Security Policy is an essential way to protect your website from common attacks. What is Content Security Policy Content Security Policy enhances the security of web applications, reduces the attack surface, and protects users from various forms of web-based attacks such as Cross-Site Scripting (XSS), Clickjacking, data and code injection attacks. In this article, we will explore the significance of CSP and delve into the step-by-step process of implementing it on a WordPress website to enhance security

Leon Wimmenhoeve July 28, 2023

How to protect your WordPress account

According to Forbes, at least 30.000 websites are hacked daily, with a WordPress market share of 40%, which means at least 12.000 WordPress sites get compromised daily. The two leading causes of these hacks are vulnerable software and compromised accounts. Source Ensuring you are always running the latest version of WordPress and plugins and themes will prevent many of these hacks. Still, statistics suggest only about 50% of hacked WordPress sites were running outdated software. Taking into account that there

Leon Wimmenhoeve July 6, 2023

Run a Manual Vulnerability Check

Really Simple SSL, when Vulnerability Detection is enabled, runs a regular check every few hours to see if new vulnerabilities are added to our database, which may be relevant to your website. It automatically runs a check when we see a change in your WordPress installation. For example, if you update a plugin to a new version Really Simple SSL runs a check. This is also true when installing a new plugin. In some cases, Really Simple SSL doesn’t know

Leon Wimmenhoeve July 3, 2023

Number of reported WordPress Plugin & Theme vulnerabilities doubled in the first 6 months of 2023

We recently introduced vulnerability detection in Really Simple SSL and have been working on a database of vulnerabilities sourced from the open WordPress Vulnerability Database API project (https://www.wpvulnerability.com) since the beginning of 2023. We have been monitoring WordPress plugin and Theme vulnerabilities for years and have seen an increase in reported vulnerabilities yearly. Having access to detailed information in our own database enabled us to look closer into the details and numbers. We were surprised to find the number of

Leon Wimmenhoeve June 21, 2023

Vulnerability Detection for WordPress

WP Vulnerabilities – An open-source initiative WP Vulnerabilities is an open-source, free API by Javier Casares with contributions from other open-source, freely available databases and many manual hours from moderators and security officers from other plugins, including our own security officer. Really Simple SSL mirrors the free database with its own instance to secure stability and deliverability, but of course provides the origin database with an API to enrich, or improve its current data. An open-source platform, with an enormous

Leon Wimmenhoeve May 9, 2023

Recent

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Our journey towards Really Simple Security

Categories

Most popular